Cyber Resilience

CVE-2025-11491

Low · Public PoC

Published: 08 October 2025

Modified: 29 April 2026
KEV Added
Patch
CVSS Score v4: 2.1 (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS Score: 0.0037 (59.0th percentile)
Risk Priority: 4 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-11491 is a low-severity Command Injection (CWE-77) vulnerability in wonderwhy-er DesktopCommanderMCP. Its CVSS base score is 2.1 (Low).

Operationally, exploitation aligns with the MITRE ATT&CK technique Command and Scripting Interpreter (T1059). The CVE ranks in the top 41.0% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and has a referenced public proof-of-concept.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and AC-6 (Least Privilege).

Deeper analysis

A vulnerability identified as CVE-2025-11491 affects wonderwhy-er DesktopCommanderMCP versions up to 0.2.13. The issue resides in the CommandManager function within src/command-manager.ts, where improper handling of input enables OS command injection. The flaw is remotely exploitable and has been publicly disclosed, corresponding to CWE-77 and CWE-78.

An authenticated remote attacker with limited privileges can supply crafted input to the affected function, resulting in execution of arbitrary operating system commands. The CVSS 4.0 score of 2.1 reflects low overall impact limited to partial effects on confidentiality, integrity, and availability within the local scope, with no effect on subsequent systems.

EPSS probability rose from a low baseline to a peak of 0.0177 on 2025-12-11 before receding to the current value of 0.0037, indicating a period of increased exploitation interest following public disclosure. The referenced GitHub issues and VulDB entries document the finding but do not detail specific patches or mitigations.

EU & UK References

Vulnerability details

A vulnerability was found in wonderwhy-er DesktopCommanderMCP up to 0.2.13. The impacted element is the function CommandManager of the file src/command-manager.ts. Performing manipulation results in os command injection. It is possible to initiate the attack remotely. The exploit has been made public and could be used.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1059 Command and Scripting Interpreter · Execution
Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.
Why these techniques?

The vulnerability is an OS command injection issue, directly enabling arbitrary command execution via Command and Scripting Interpreter (T1059).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-11490 · Same product: wonderwhy-er DesktopCommanderMCP
CVE-2025-59834 · Shared CWE-77, CWE-78
CVE-2026-7064 · Shared CWE-77, CWE-78
CVE-2026-6130 · Shared CWE-77, CWE-78
CVE-2025-66401 · Shared CWE-78
CVE-2025-9262 · Shared CWE-77, CWE-78
CVE-2026-7593 · Shared CWE-77, CWE-78
CVE-2026-7443 · Shared CWE-77, CWE-78
CVE-2026-7785 · Shared CWE-77, CWE-78
CVE-2026-5802 · Shared CWE-77, CWE-78

Affected Assets

wonderwhy-er / desktopcommandermcp, versions ≤ 0.2.13

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) (AI)

prevent

Directly requires validation and sanitization of all inputs to CommandManager before they reach OS command execution, blocking the injection vector in src/command-manager.ts.

prevent

Enforces least-privilege execution context so that even a successful command injection yields only limited C/I/A impact as described in the CVSS vector.

prevent

Restricts the system to least functionality, disabling or sandboxing the shell/command features that DesktopCommanderMCP exposes and thereby reducing the attack surface for remote injection.

References