geelen/mcp-remote

Releases61

Frequency5 days 7 hours

Last Release 4 months ago

Stars1.47K

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-6514 ↗	Jul 9, 2025Wednesday, 9 July 2025, 13:15	9.6 CRITICAL	—
mcp-remote is exposed to OS command injection when connecting to untrusted MCP servers due to crafted input from the authorization_endpoint response URL