mcp-remote exposed to OS command injection via untrusted MCP server connections
mcp-remote is exposed to OS command injection when connecting to untrusted MCP servers due to crafted input from the authorization_endpoint response URL
Advisories for Npm/Mcp-Remote package
2025