
Heim Mcp

1 CVEs product


CVE-2026-5602 npm LOW POC PATCH GHSA Monitor

OS command injection in Nor2-io heim-mcp up to version 0.1.3 allows authenticated local attackers to execute arbitrary system commands via the registerTools function in src/tools.ts, affecting cloud deployment operations. Publicly available exploit code exists, and the vendor released a patched version promptly after disclosure.

Command Injection Heim Mcp
NVD VulDB GitHub
CVSS 4.0: 1.9
EPSS: 0.1%
