Find real vulnerabilities before they ship
Vulnerability Database › npm › CVE-2025-6514
mcp-remote is exposed to OS command injection when connecting to untrusted MCP servers due to crafted input from the authorization_endpoint response URL
Base Score