What is the CVSS score of EUVD-2025-200116?

EUVD-2025-200116 has a CVSS 3.1 base score of 9.8 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 1.3%.

Which versions of Mcp Watch are affected by EUVD-2025-200116?

MCP Watch versions 0.1.2 and earlier contain a critical command injection vulnerability that allows attackers to execute arbitrary code on systems running this security scanner.. A patch is available.

Is there a public PoC exploit available for EUVD-2025-200116?

Yes, a public proof-of-concept exploit is available for EUVD-2025-200116. Prioritise patching immediately. EPSS: 1.3%.

How to fix or mitigate EUVD-2025-200116?

Within 24 hours: Identify all systems running MCP Watch 0.1.2 or earlier and isolate them from production networks if possible; disable the cloneRepo functionality if the application supports feature toggles. Within 7 days: Apply the available patch to all affected instances and validate successful deployment. Within 30 days: Conduct a forensic review of logs to determine if the vulnerability was exploited, and implement input validation testing in your security scanner deployment pipeline.

Mcp Watch EUVD-2025-200116

| CVE-2025-66401 CRITICAL

OS Command Injection (CWE-78)

2025-12-01 security-advisories@github.com

GHSA-27m7-ffhq-jqrm

Command Injection Mcp Watch

9.8

CVSS 3.1 · GitHub Advisory

Severity by source

GitHub Advisory PRIMARY

9.8 CRITICAL

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

EUVD ID Assigned

Mar 15, 2026 - 13:34 euvd

EUVD-2025-200116

Analysis Generated

Mar 15, 2026 - 13:34 vuln.today

Patch released

Mar 15, 2026 - 13:34 nvd

Patch available

PoC Detected

Feb 06, 2026 - 16:34 vuln.today

Public exploit code

CVE Published

Dec 01, 2025 - 23:15 nvd

CRITICAL 9.8

DescriptionGitHub Advisory

MCP Watch is a comprehensive security scanner for Model Context Protocol (MCP) servers. In 0.1.2 and earlier, the MCPScanner class contains a critical Command Injection vulnerability in the cloneRepo method. The application passes the user-supplied githubUrl argument directly to a system shell via execSync without sanitization. This allows an attacker to execute arbitrary commands on the host machine by appending shell metacharacters to the URL.

Analysis

Technical ContextAI

Command injection allows an attacker to execute arbitrary OS commands on the host system through a vulnerable application that passes user input to system shells. This vulnerability is classified as OS Command Injection (CWE-78).

RemediationAI

A vendor patch is available — apply it immediately. Avoid passing user input to system commands. Use language-specific APIs instead of shell commands. If unavoidable, use strict input validation and escaping.

EUVD-2025-200116 vulnerability details – vuln.today

Back

Mcp Watch EUVD-2025-200116

Severity by source

CVSS VectorGitHub Advisory

Lifecycle Timeline

DescriptionGitHub Advisory

Analysis

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code