VYPR

npm package

@elgentos/magento2-dev-mcp

pkg:npm/%40elgentos/magento2-dev-mcp

Vulnerabilities (1)

  • CVE-2026-5603MedApr 5, 2026
    affected <= 1.0.2

    A vulnerability was identified in elgentos magento2-dev-mcp up to 1.0.2. The affected element is the function executeMagerun2Command of the file src/index.ts. Such manipulation leads to os command injection. An attack has to be approached locally. The exploit is publicly availabl