Product
The choieastsea simple-openstack-mcp application is vulnerable to OS command injection via the exec_openstack function in server.py, allowing remote attackers to execute arbitrary commands.