Description
A vulnerability was detected in PhialsBasement nmap-mcp-server up to bee6d23547d57ae02460022f7c78ac0893092e38. Affected by this issue is the function child_process.exec of the file src/index.ts of the component Nmap CLI Command Handler. The manipulation results in command injection. The attack may be performed from remote. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed. The patch is identified as 30a6b9e1c7fa6146f51e28d6ab83a2568d9a3488. It is best practice to apply a patch to resolve this issue.
Published: 2026-03-03
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

An attacker can exploit a flaw in the Nmap Command Handler of PhialsBasement's nmap-mcp-server; the handler uses child_process.exec without proper input validation, leading to command injection. This permits remote execution of arbitrary operating‑system commands via the vulnerable interface. The result is a full compromise of confidentiality, integrity, and availability on the affected host.

Affected Systems

The vulnerability affects the PhialsBasement nmap-mcp-server component. All releases up to and including the commit bee6d23547d57ae02460022f7c78ac0893092e38 are impacted. The fix is provided by the commit 30a6b9e1c7fa6146f51e28d6ab83a2568d9a3488. Because the project uses a rolling‑release model, the exact version number is not publicly listed, but any running instance prior to the patch is susceptible.

Risk and Exploitability

The CVSS score of 5.3 places this vulnerability in the moderate range, whereas the EPSS score of less than 1% indicates a very low probability of exploitation at the moment. It is not listed in the CISA KEV catalog. The likely attack vector is remote, gained through authorized API calls or exposed CLI endpoints in the service. An attacker exploiting this flaw can achieve full command execution, which effectively translates to remote code execution on the host machine.

Generated by OpenCVE AI on April 16, 2026 at 14:00 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the patch identified by commit 30a6b9e1c7fa6146f51e28d6ab83a2568d9a3488 or upgrade to a later release that incorporates it
  • Validate all input passed to child_process.exec rigorously, and prefer safer APIs such as child_process.spawn or execFile with explicit arguments
  • Restrict network exposure of the Nmap CLI endpoint, using firewall rules or access controls, to limit the attack surface and prevent unauthenticated remote exploitation

Generated by OpenCVE AI on April 16, 2026 at 14:00 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-xc68-rrqc-qgq3 MCP NMAP Server has an Injection vulnerability
History

Thu, 05 Mar 2026 21:45:00 +0000

Type Values Removed Values Added
First Time appeared Phialsbasement mcp Nmap Server
CPEs cpe:2.3:a:phialsbasement:mcp_nmap_server:*:*:*:*:*:*:*:*
Vendors & Products Phialsbasement mcp Nmap Server

Wed, 04 Mar 2026 21:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 04 Mar 2026 15:00:00 +0000

Type Values Removed Values Added
First Time appeared Phialsbasement
Phialsbasement nmap-mcp-server
Vendors & Products Phialsbasement
Phialsbasement nmap-mcp-server

Tue, 03 Mar 2026 20:00:00 +0000

Type Values Removed Values Added
Description A vulnerability was detected in PhialsBasement nmap-mcp-server up to bee6d23547d57ae02460022f7c78ac0893092e38. Affected by this issue is the function child_process.exec of the file src/index.ts of the component Nmap CLI Command Handler. The manipulation results in command injection. The attack may be performed from remote. This product utilizes a rolling release system for continuous delivery, and as such, version information for affected or updated releases is not disclosed. The patch is identified as 30a6b9e1c7fa6146f51e28d6ab83a2568d9a3488. It is best practice to apply a patch to resolve this issue.
Title PhialsBasement nmap-mcp-server Nmap CLI index.ts child_process.exec command injection
Weaknesses CWE-74
CWE-77
References
Metrics cvssV2_0

{'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:ND/RL:OF/RC:C'}

cvssV3_0

{'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C'}

cvssV3_1

{'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:O/RC:C'}

cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X'}

Subscriptions

Phialsbasement Mcp Nmap Server Nmap-mcp-server
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-03-04T21:10:37.485Z

Reserved: 2026-03-03T15:16:15.700Z

Link: CVE-2026-3484

cve-icon Vulnrichment

Updated: 2026-03-04T21:10:33.285Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-03T20:16:50.430

Modified: 2026-03-05T21:32:06.960

Link: CVE-2026-3484

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-16T14:15:28Z

Weaknesses