Product

P_69_branch_monkey_mcp

1 brief RSS

OS Command Injection Vulnerability in p_69_branch_monkey_mcp Preview Endpoint (CVE-2026-7590)

A remote attacker can inject OS commands by manipulating the dev_script argument in the Preview Endpoint of eyal-gor's p_69_branch_monkey_mcp (up to commit 69bc71874ce40050ef45fde5a435855f18af3373), leading to arbitrary code execution on the server.

p_69_branch_monkey_mcp command-injection web-application cve

2r 1t 1c 2d ago