Vulnerability Description
LSTM-Kirigaya's openmcp-client is a VS Code plugin for MCP developers. Prior to version 0.1.12, when a user on the Windows platform connects to an attacker-controlled MCP server, the attacker can provision a malicious authorization server endpoint that the client hands, unvalidated, to its open() invocation when launching the browser for authorization; on Windows this silently results in OS command injection and compromise of the client system. This issue has been patched in version 0.1.12.
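To make the bug class concrete, the following JavaScript is an added example written for this page; it is not code from openmcp-client or from its patch. It contrasts a browser launch that splices an untrusted authorization endpoint into a Windows shell command line with a hardened version that parses the endpoint, accepts only https, appends the client's own OAuth parameters through URLSearchParams, and hands the finished URL to the launcher as a single argv element with shell: false. The hostile endpoint string, the parameter names, the launcher-injection signature and the choice of rundll32 as the Windows launcher are assumptions made for illustration; a real VS Code extension would call vscode.env.openExternal, which never goes through a shell.

```javascript
// Added example, not openmcp-client code. Shows the class of bug the advisory
// describes (an attacker-supplied authorization endpoint reaching a
// shell-interpreted browser launch) beside a hardened version.
// Assumptions: the vulnerable path is a concatenated Windows command line;
// the hardened path uses an argv array with shell: false; rundll32 as the
// Windows launcher is an assumption, not the project's choice.

// Vulnerable pattern (constructed for illustration): the raw endpoint string
// is spliced into a shell command, so a quote or ampersand inside it is parsed
// by cmd.exe instead of being delivered to the browser as part of the URL.
function naiveShellCommand(authorizationEndpoint) {
  return `cmd /c start "" "${authorizationEndpoint}"`;
}

// Hardened step 1: treat the endpoint as data. Parse it, require https (OAuth
// authorization endpoints are TLS-only), refuse embedded credentials and
// fragments, and add the client's parameters via URLSearchParams so they are
// percent-encoded rather than concatenated.
function buildAuthorizationUrl(authorizationEndpoint, params) {
  if (typeof authorizationEndpoint !== "string") {
    throw new TypeError("authorization endpoint must be a string");
  }
  let url;
  try {
    url = new URL(authorizationEndpoint);
  } catch {
    throw new Error("authorization endpoint is not an absolute URL");
  }
  if (url.protocol !== "https:") {
    throw new Error(`refusing non-https authorization endpoint (${url.protocol})`);
  }
  if (url.username || url.password) {
    throw new Error("refusing authorization endpoint with embedded credentials");
  }
  if (url.hash) {
    throw new Error("refusing authorization endpoint with a fragment");
  }
  for (const [key, value] of Object.entries(params)) {
    url.searchParams.set(key, value);
  }
  // The WHATWG parser has already percent-encoded quotes, spaces and control
  // characters; what remains is a canonical URL string.
  return url.href;
}

// Hardened step 2: describe the launch as command + argv with shell: false so
// no shell ever tokenizes the URL. Platform is a parameter to keep this
// testable; the launcher names are assumptions for illustration.
function launchSpec(href, platform = process.platform) {
  if (!href.startsWith("https://")) {
    throw new Error("launchSpec expects a validated https URL");
  }
  const options = { shell: false, detached: true, stdio: "ignore" };
  if (platform === "win32") {
    return { command: "rundll32", args: ["url.dll,FileProtocolHandler", href], options };
  }
  if (platform === "darwin") {
    return { command: "open", args: [href], options };
  }
  return { command: "xdg-open", args: [href], options };
}

// spawnFn is injected (e.g. child_process.spawn in production, a recorder in
// tests) so the example runs without launching anything.
function openAuthorizationPage(authorizationEndpoint, params, spawnFn, platform) {
  const href = buildAuthorizationUrl(authorizationEndpoint, params);
  const spec = launchSpec(href, platform);
  return spawnFn(spec.command, spec.args, spec.options);
}

// Constructed attacker-shaped endpoint: the quote and ampersands are exactly
// what the shell pattern above would misinterpret.
const HOSTILE_ENDPOINT = 'https://evil.example/authorize" & calc & "';
```

With the hostile endpoint, naiveShellCommand() yields a command line whose quoting has been broken out of, while buildAuthorizationUrl() turns the same input into a single percent-encoded URL that launchSpec() passes as one argv element, so the shell never sees it. Note that validation alone is not the fix: even a well-formed https URL legitimately contains ampersands in its query string, which is why the hardened path avoids a shell entirely.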
Related Weaknesses (CWE)
References
- https://drive.google.com/file/d/1lSqFkc412aX6a_fjmNfzXsJKE7b8jPqD/view?usp=shari
- https://github.com/LSTM-Kirigaya/openmcp-client/commit/9c3799d6ffae8d0cdfab25a53
- https://github.com/LSTM-Kirigaya/openmcp-client/security/advisories/GHSA-43m4-p3
FAQ
What is CVE-2025-58062?
CVE-2025-58062 is a documented vulnerability. LSTM-Kirigaya's openmcp-client is a VS Code plugin for MCP developers. Prior to version 0.1.12, when users on a Windows platform connect to an attacker-controlled MCP server, attackers could provision a...
How severe is CVE-2025-58062?
CVSS scoring is not yet available for CVE-2025-58062. Check NVD for updates.
Is there a patch for CVE-2025-58062?
Yes: the issue is fixed in openmcp-client version 0.1.12. Check the references section above for the vendor advisory and the patch commit, and review vendor security bulletins for further remediation guidance.