Vulnerability Description
A vulnerability was detected in PhialsBasement nmap-mcp-server up to bee6d23547d57ae02460022f7c78ac0893092e38. Affected by this issue is the function child_process.exec of the file src/index.ts of the component Nmap CLI Command Handler. The manipulation results in command injection. The attack may be performed from remote. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed. The patch is identified as 30a6b9e1c7fa6146f51e28d6ab83a2568d9a3488. It is best practice to apply a patch to resolve this issue.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Phialsbasement | Mcp Nmap Server | <= 1.0.1 |
Related Weaknesses (CWE)
References
- https://github.com/PhialsBasement/nmap-mcp-server/Product
- https://github.com/PhialsBasement/nmap-mcp-server/commit/30a6b9e1c7fa6146f51e28dPatch
- https://github.com/PhialsBasement/nmap-mcp-server/issues/7ExploitIssue Tracking
- https://github.com/PhialsBasement/nmap-mcp-server/issues/7#issuecomment-38143825ExploitIssue Tracking
- https://vuldb.com/?ctiid.348559Permissions RequiredVDB Entry
- https://vuldb.com/?id.348559Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.763773Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.763777Third Party AdvisoryVDB Entry
FAQ
What is CVE-2026-3484?
CVE-2026-3484 is a vulnerability with a CVSS score of 6.3 (MEDIUM). A vulnerability was detected in PhialsBasement nmap-mcp-server up to bee6d23547d57ae02460022f7c78ac0893092e38. Affected by this issue is the function child_process.exec of the file src/index.ts of the...
How severe is CVE-2026-3484?
CVE-2026-3484 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-3484?
Check the references section above for vendor advisories and patch information. Affected products include: Phialsbasement Mcp Nmap Server.