VYPR

npm package

node-code-sandbox-mcp

pkg:npm/node-code-sandbox-mcp

Vulnerabilities (1)

  • CVE-2025-53372HigJul 8, 2025
    affected < 1.3.0fixed 1.3.0

    node-code-sandbox-mcp is a Node.js–based Model Context Protocol server that spins up disposable Docker containers to execute arbitrary JavaScript. Prior to 1.3.0, a command injection vulnerability exists in the node-code-sandbox-mcp MCP Server. The vulnerability is caused by the