CVE-2025-6514 · CRITICAL 9.6 · EPSS p98.7%


Description

mcp-remote is exposed to OS command injection when connecting to untrusted MCP servers, due to crafted input in the authorization_endpoint response URL.

Scoring

CVSS 3.1: 9.6 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS: 47.21% probability of exploitation · percentile 98.7% · 2026-06-18T12:00:27Z
Published: 2025-07-09
Last modified: 2026-04-15

Underlying weaknesses · 1

CWE-78

References

  1. https://github.com/geelen/mcp-remote/commit/607b226a356cb61a239ffaba2fb3db1c9dea4bac
  2. https://jfrog.com/blog/2025-6514-critical-mcp-remote-rce-vulnerability
  3. https://research.jfrog.com/vulnerabilities/mcp-remote-command-injection-rce-jfsa-2025-001290844/


Type        Target                                                                                      Confidence   Tier
Weakness    Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (cwe-78)   0%   live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  - CVE-2025-61492
  - CVE-2025-6542
  - CVE-2025-5277
  - CVE-2025-64127
  - CVE-2025-52692
  - CVE-2025-59461

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.