CVE-2025-58062
LSTM-Kirigaya's openmcp-client <0.1.12 - Command Injection
Severity: HIGH
Title source: llmDescription
LSTM-Kirigaya's openmcp-client is a VS Code plugin for MCP developers. Prior to version 0.1.12, when a user on a Windows platform connects to an attacker-controlled MCP server, the attacker can provision a malicious authorization server endpoint to silently achieve OS command injection in the open() invocation, leading to compromise of the client system. This issue has been patched in version 0.1.12.
References (3)
Vendor Advisory (x_refsource_confirm): https://github.com/LSTM-Kirigaya/openmcp-client/security/advisories/GHSA-43m4-p3rv-c4v8
Patch (x_refsource_misc): https://github.com/LSTM-Kirigaya/openmcp-client/commit/9c3799d6ffae8d0cdfab25a53af75e1afc85f6c3
Various Sources (x_refsource_misc): https://drive.google.com/file/d/1lSqFkc412aX6a_fjmNfzXsJKE7b8jPqD/view?usp=sharing
Scores
CVSS v4: 7.3
CVSS v4 vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS: 0.0021
EPSS Percentile: 42.6%
CISA SSVC (Vulnrichment)
Exploitation: poc
Automatable: yes
Technical Impact: total
Details
CWE: CWE-78
Status: published
Products (1): LSTM-Kirigaya/openmcp-client < 0.1.12
Published: Aug 28, 2025
Tracked Since: Feb 18, 2026