CVE-2025-58062 (Severity: HIGH)

CVE-2025-58062: LSTM-Kirigaya's openmcp-client Vulnerable to RCE in MCP Authorization Flow

Vendor Lstm-Kirigaya
Product openmcp-client
Weakness CWE-78
Published August 28, 2025
Last update August 29, 2025

CVSS base score

7.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Active
Confidentiality High
Integrity High

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

Description

LSTM-Kirigaya's openmcp-client is a VS Code plugin for MCP developers. Prior to version 0.1.12, when a user on a Windows platform connects to an attacker-controlled MCP server, the attacker can provision a malicious authorization server endpoint and silently achieve OS command injection through the open() invocation, leading to compromise of the client system. This issue has been patched in version 0.1.12.

Key dates

Disclosure timeline

August 28, 2025 CVE published
August 29, 2025 Record updated