CVE-2025-6514

CRITICAL

mcp-remote - Command Injection

Title source: llm

Description

mcp-remote is exposed to OS command injection when connecting to untrusted MCP servers due to crafted input from the authorization_endpoint response URL

Exploits (2)

nomisec SCANNER

by darshjme · poc

https://github.com/darshjme/mcp-security-audit

View Code ZIP pw:eip

nomisec STUB

by ChaseHCS · poc

https://github.com/ChaseHCS/CVE-2025-6514

View Code ZIP pw:eip

References (3)

[Various Sources] https://jfrog.com/blog/2025-6514-critical-mcp-remote-rce-vulnerability

[Various Sources] https://research.jfrog.com/vulnerabilities/mcp-remote-command-injection-rce-jfsa-2025-001290844/

[Patch] https://github.com/geelen/mcp-remote/commit/607b226a356cb61a239ffaba2fb3db1c9dea4bac

Scores

CVSS v3 9.6

EPSS 0.0146

EPSS Percentile 80.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Details

CWE

CWE-78

Status published

Products (1)

npm/mcp-remote 0.0.5 - 0.1.16npm

Published Jul 09, 2025

Tracked Since Feb 18, 2026