{"id":"CVE-2025-6514","details":"mcp-remote is vulnerable to OS command injection when connecting to untrusted MCP servers, through crafted input in the authorization_endpoint URL returned in the server's response","aliases":["GHSA-6xpm-ggf7-wc3p"],"modified":"2026-04-10T05:34:53.112300Z","published":"2025-07-09T13:15:24.213Z","references":[{"type":"WEB","url":"https://research.jfrog.com/vulnerabilities/mcp-remote-command-injection-rce-jfsa-2025-001290844/"},{"type":"FIX","url":"https://github.com/geelen/mcp-remote/commit/607b226a356cb61a239ffaba2fb3db1c9dea4bac"},{"type":"ARTICLE","url":"https://jfrog.com/blog/2025-6514-critical-mcp-remote-rce-vulnerability"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/geelen/mcp-remote","events":[{"introduced":"0"},{"fixed":"607b226a356cb61a239ffaba2fb3db1c9dea4bac"}]}],"versions":["v0.0.18","v0.0.20","v0.0.21","v0.0.22","v0.0.9","v0.1.0","v0.1.1","v0.1.12","v0.1.13","v0.1.14","v0.1.15","v0.1.2","v0.1.3","v0.1.4","v0.1.6","v0.1.7","v0.1.8","v0.1.9"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-6514.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}]}