Skip to main content

Mcp Server Rijksmuseum

1 CVEs product

Monthly

CVE-2026-7653 LOW POC Monitor

Remote authenticated command injection in r-huijts mcp-server-rijksmuseum up to version 1.0.4 allows attackers with login credentials to execute arbitrary OS commands via manipulation of the imageUrl argument in the open_image_in_browser function. The vulnerability has publicly available exploit code and the vendor has not yet responded to early disclosure.

Command Injection Mcp Server Rijksmuseum
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.2%
EPSS 0% CVSS 2.1
LOW POC Monitor

Remote authenticated command injection in r-huijts mcp-server-rijksmuseum up to version 1.0.4 allows attackers with login credentials to execute arbitrary OS commands via manipulation of the imageUrl argument in the open_image_in_browser function. The vulnerability has publicly available exploit code and the vendor has not yet responded to early disclosure.

Command Injection Mcp Server Rijksmuseum
NVD VulDB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy