CVE-2025-54994
published 2025-09-08CVE-2025-54994: @akoskm/create-mcp-server-stdio is an MCP server starter kit that uses the StdioServerTransport. Prior to version 0.0.13, the MCP Server is written in a way…
PriorityP260critical9.3CVSS 4.0
AVNACLATNPRNUINVCHVIHVAHSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
EPSS
1.37%
68.5th percentile
@akoskm/create-mcp-server-stdio is an MCP server starter kit that uses the StdioServerTransport. Prior to version 0.0.13, the MCP Server is written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. The MCP Server exposes the tool `which-app-on-port` which relies on Node.js child process API `exec` which is an unsafe and vulnerable API if concatenated with untrusted user input. Version 0.0.13 contains a fix for the issue.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| akoskm | create-mcp-server-stdio | < 0.0.13 | 0.0.13 |
| akoskm | create-mcp-server-stdio | >= 0 < 0.0.13 | 0.0.13 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
@akoskm/create-mcp-server-stdio is vulnerable to MCP Server Command Injection through `exec` API
osv·2025-09-08
CVE-2025-54994 [CRITICAL] @akoskm/create-mcp-server-stdio is vulnerable to MCP Server Command Injection through `exec` API
@akoskm/create-mcp-server-stdio is vulnerable to MCP Server Command Injection through `exec` API
# Command Injection in MCP Server
The MCP Server at https://github.com/akoskm/create-mcp-server-stdio is written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation.
## Vulnerable tool
The MCP Server exposes the tool `which-app-on-port` which relies on Node.js child process API `exec` which is an unsafe and vulnerable API if concatenated with untrusted user input.
Vulnerable line of code: https://github.com/akoskm/create-mcp-server-stdio/blob/main/src/index.ts#L24-L40
```js
server.tool("which-app-on-port", { port: z.number() }, async ({ port }) => {
const result = await new Promise((resolve, reject) =>
GHSA
@akoskm/create-mcp-server-stdio is vulnerable to MCP Server Command Injection through `exec` API
ghsa·2025-09-08
CVE-2025-54994 [CRITICAL] CWE-77 @akoskm/create-mcp-server-stdio is vulnerable to MCP Server Command Injection through `exec` API
@akoskm/create-mcp-server-stdio is vulnerable to MCP Server Command Injection through `exec` API
# Command Injection in MCP Server
The MCP Server at https://github.com/akoskm/create-mcp-server-stdio is written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation.
## Vulnerable tool
The MCP Server exposes the tool `which-app-on-port` which relies on Node.js child process API `exec` which is an unsafe and vulnerable API if concatenated with untrusted user input.
Vulnerable line of code: https://github.com/akoskm/create-mcp-server-stdio/blob/main/src/index.ts#L24-L40
```js
server.tool("which-app-on-port", { port: z.number() }, async ({ port }) => {
const result = await new Promise((resolve, reject) =>
No detection rules found.
No public exploits indexed.
2025-09-08
Published