Description
A flaw has been found in AgentDeskAI browser-tools-mcp up to 1.2.0. This issue affects some unknown processing of the file browser-tools-server/browser-connector.ts. Executing a manipulation can lead to os command injection. The attack may be performed from remote. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.
Published: 2026-04-26
Score: 6.9 Medium
EPSS: 1.7% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The flaw resides in the browser-connector.ts module of AgentDeskAI browser-tools-mcp, affecting versions up to 1.2.0. Unvalidated input in an unknown processing routine allows an attacker to inject operating-system commands, resulting in remote command execution. The vulnerability is classified under CWE-77 and CWE-78 and the exploit can be triggered from a remote location. The exploit has been published and may already be used in attacks.

Affected Systems

AgentDeskAI’s browser-tools-mcp package, specifically any deployment of the browser-tools-mcp component no newer than version 1.2.0. No further sub‑product or version details are available beyond the overall package name.

Risk and Exploitability

The CVSS score of 6.9 places the flaw in the high‑to‑moderate severity range, meaning a successful exploit would grant the attacker full control over system commands. An EPSS score of 2% indicates a low but non‑negligible exploitation probability; attacks remain uncommon, but the presence of a publicly available exploit introduces a real threat. Because the vulnerability can be triggered from remote connections, the risk remains significant until a patch is applied or the flaw is otherwise mitigated. The lack of a KEV listing indicates that the vulnerability is not actively tracked as a high‑profile threat, but it still warrants timely action.

Generated by OpenCVE AI on June 18, 2026 at 08:45 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade AgentDeskAI browser-tools-mcp to a non‑affected version (1.2.1 or later) as soon as the vendor releases a fix.
  • If an upgrade is not immediately possible, block or remove access to the browser-connector.ts component from external inputs to prevent exploitation.
  • Implement input validation or operating‑system command whitelisting around the vulnerable routines to mitigate command injection risk.
  • Monitor system logs for anomalous command execution and alert on suspicious activity.


Advisories

No advisories yet.

History

Mon, 27 Apr 2026 20:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | | Agentdeskai; Agentdeskai browser-tools-mcp |
| Vendors & Products | | Agentdeskai; Agentdeskai browser-tools-mcp |

Mon, 27 Apr 2026 14:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Metrics | | ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'} |


Sun, 26 Apr 2026 23:00:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | | A flaw has been found in AgentDeskAI browser-tools-mcp up to 1.2.0. This issue affects some unknown processing of the file browser-tools-server/browser-connector.ts. Executing a manipulation can lead to os command injection. The attack may be performed from remote. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet. |
| Title | | AgentDeskAI browser-tools-mcp browser-connector.ts os command injection |
| Weaknesses | | CWE-77; CWE-78 |
| References | | |
| Metrics | | cvssV2_0 {'score': 7.5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'} |
| | | cvssV3_0 {'score': 7.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'} |
| | | cvssV3_1 {'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'} |
| | | cvssV4_0 {'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'} |


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-27T13:30:40.351Z

Reserved: 2026-04-26T07:10:46.427Z

Link: CVE-2026-7064

Vulnrichment

Updated: 2026-04-27T13:13:01.524Z

NVD

Status: Deferred

Published: 2026-04-26T23:16:21.907

Modified: 2026-06-17T11:01:44.853

Link: CVE-2026-7064

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-18T09:00:16Z

Weaknesses
  • CWE-77

    Improper Neutralization of Special Elements used in a Command ('Command Injection')

  • CWE-78

    Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')