CVE-2026-3959
MEDIUM0xKoda WireMCP - OS Command Injection in Tshark CLI Command Handler
Title source: llmDescription
A vulnerability was found in 0xKoda WireMCP up to 7f45f8b2b4adeb76be8c6227eefb38533fdd6b1e. Impacted is the function server.tool of the file index.js of the component Tshark CLI Command Handler. The manipulation results in os command injection. The attack needs to be approached locally. The exploit has been made public and could be used. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed. The project was informed of the problem early through an issue report but has not responded yet.
References (6)
Core 6
Core References
Permissions Required, VDB Entry vdb-entry
technical-description
https://vuldb.com/?id.350389
Permissions Required, VDB Entry signature
permissions-required
https://vuldb.com/?ctiid.350389
Permissions Required, VDB Entry third-party-advisory
https://vuldb.com/?submit.768129
Issue Tracking issue-tracking
https://github.com/0xKoda/WireMCP/issues/12
Various Sources exploit
https://github.com/user-attachments/files/25571315/WireMCP_security_advisory.pdf
Scores
CVSS v3
5.3
EPSS
0.0032
EPSS Percentile
55.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-77
CWE-78
Status
published
Products (1)
0xKoda/WireMCP
7f45f8b2b4adeb76be8c6227eefb38533fdd6b1e
Published
Mar 11, 2026
Tracked Since
Mar 12, 2026