Description
Markdownify is a Model Context Protocol server for converting almost anything to Markdown. Versions below 0.0.2 contain a command injection vulnerability, caused by the unsanitized use of input parameters within a call to child_process.exec, enabling an attacker to inject arbitrary system commands. Successful exploitation can lead to remote code execution under the server process's privileges. The server constructs and executes shell commands using unvalidated user input directly within command-line strings. This introduces the possibility of shell metacharacter injection (|, >, &&, etc.). This issue is fixed in version 0.0.2.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://github.com/zcaceres/markdownify-mcp/security/advisories/GHSA-45qj-4xq3-3c45
Scores
CVSS v3
7.5
EPSS
0.0016
EPSS Percentile
36.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
CWE
CWE-77
Status
published
Products (2)
npm/mcp-markdownify-server
0 - 0.0.2npm
zcaceres/markdownify-mcp
< 0.0.2
Published
Sep 04, 2025
Tracked Since
Feb 18, 2026