VYPR

npm package

@wong2/mcp-cli

pkg:npm/%40wong2/mcp-cli

Vulnerabilities (1)

  • CVE-2025-9262MedAug 20, 2025
    affected <= 1.13.0

    A flaw has been found in wong2 mcp-cli 1.13.0. Affected is the function redirectToAuthorization of the file /src/oauth/provider.js of the component oAuth Handler. This manipulation causes os command injection. The attack may be initiated remotely. The attack is considered to have