Skip to main content

Yii2 Mcp Server

1 CVEs product

Monthly

CVE-2026-7600 npm LOW POC Monitor

Remote OS command injection in ArtMin96 yii2-mcp-server 1.0.2 allows authenticated remote attackers to execute arbitrary operating system commands via manipulation of the yii_command_help or yii_execute_command functions in the MCP Interface component. Exploit code is publicly available, and the vendor has not yet responded to early disclosure through issue reporting.

Command Injection Yii2 Mcp Server
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.7%
EPSS 1% CVSS 2.1
LOW POC Monitor

Remote OS command injection in ArtMin96 yii2-mcp-server 1.0.2 allows authenticated remote attackers to execute arbitrary operating system commands via manipulation of the yii_command_help or yii_execute_command functions in the MCP Interface component. Exploit code is publicly available, and the vendor has not yet responded to early disclosure through issue reporting.

Command Injection Yii2 Mcp Server
NVD VulDB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy