Harmonyos Mcp Server

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-2131 MEDIUM POC This Month

OS command injection in XixianLiang HarmonyOS-mcp-server 0.1.0 allows authenticated remote attackers to execute arbitrary commands through unsanitized input to the input_text function. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with valid credentials can exploit this over the network to achieve remote code execution with limited complexity.

Command Injection AI / ML Harmonyos Mcp Server

NVD GitHub VulDB

CVSS 3.1

6.3

EPSS

0.4%

CVE-2026-2131

EPSS 0% CVSS 6.3

MEDIUM POC This Month

OS command injection in XixianLiang HarmonyOS-mcp-server 0.1.0 allows authenticated remote attackers to execute arbitrary commands through unsanitized input to the input_text function. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with valid credentials can exploit this over the network to achieve remote code execution with limited complexity.

Command Injection AI / ML Harmonyos Mcp Server

NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy