Cybersecurity researchers have discovered a critical vulnerability in the open-source mcp-remote project that could result in the execution of arbitrary operating system (OS) commands.
The vulnerability, tracked as CVE-2025-6514, carries a CVSS score of 9.6 out of 10.0.
"The vulnerability allows attackers to trigger arbitrary OS command execution on the machine running mcp-remote when it



Source: TheHackerNews
Source Link: https://thehackernews.com/2025/07/critical-mcp-remote-vulnerability.html