{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-10619", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2025-09-17T11:36:32.032Z", "datePublished": "2025-09-17T21:02:11.492Z", "dateUpdated": "2025-09-18T13:59:51.758Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-09-17T21:02:11.492Z"}, "title": "sequa-ai sequa-mcp OAuth Server Discovery node-oauth-client-provider.ts redirectToAuthorization os command injection", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-78", "lang": "en", "description": "OS Command Injection"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-77", "lang": "en", "description": "Command Injection"}]}], "affected": [{"vendor": "sequa-ai", "product": "sequa-mcp", "versions": [{"version": "1.0.0", "status": "affected"}, {"version": "1.0.1", "status": "affected"}, {"version": "1.0.2", "status": "affected"}, {"version": "1.0.3", "status": "affected"}, {"version": "1.0.4", "status": "affected"}, {"version": "1.0.5", "status": "affected"}, {"version": "1.0.6", "status": "affected"}, {"version": "1.0.7", "status": "affected"}, {"version": "1.0.8", "status": "affected"}, {"version": "1.0.9", "status": "affected"}, {"version": "1.0.10", "status": "affected"}, {"version": "1.0.11", "status": "affected"}, {"version": "1.0.12", "status": "affected"}, {"version": "1.0.13", "status": "affected"}, {"version": "1.0.14", "status": "unaffected"}], "modules": ["OAuth Server Discovery"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was detected in sequa-ai sequa-mcp up to 1.0.13. This affects the function redirectToAuthorization of the file src/helpers/node-oauth-client-provider.ts of the component OAuth Server Discovery. Performing manipulation results in os command injection. Remote exploitation of the attack is possible. The exploit is now public and may be used. Upgrading to version 1.0.14 is able to mitigate this issue. The patch is named e569815854166db5f71c2e722408f8957fb9e804. It is recommended to upgrade the affected component. The vendor explains: \"We only promote that mcp server with our own URLs that have a valid response, but yes if someone would use it with a non sequa url, this is a valid attack vector. We have released a new version (1.0.14) that fixes this and validates that only URLs can be opened.\""}, {"lang": "de", "value": "In sequa-ai sequa-mcp bis 1.0.13 wurde eine Schwachstelle gefunden. Es ist betroffen die Funktion redirectToAuthorization der Datei src/helpers/node-oauth-client-provider.ts der Komponente OAuth Server Discovery. Dank der Manipulation mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Es ist m\u00f6glich, den Angriff aus der Ferne durchzuf\u00fchren. Der Exploit wurde der \u00d6ffentlichkeit bekannt gemacht und k\u00f6nnte verwendet werden. Ein Upgrade auf Version 1.0.14 ist in der Lage, dieses Problem zu adressieren. Der Patch heisst e569815854166db5f71c2e722408f8957fb9e804. Es wird empfohlen, die betroffene Komponente zu aktualisieren."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 6.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 6.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C"}}], "timeline": [{"time": "2025-09-17T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2025-09-17T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2025-09-17T13:41:52.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "yhryhryhr_ (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.324646", "name": "VDB-324646 | sequa-ai sequa-mcp OAuth Server Discovery node-oauth-client-provider.ts redirectToAuthorization os command injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.324646", "name": "VDB-324646 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.650189", "name": "Submit #650189 | Github https://github.com/sequa-ai/sequa-mcp 0.0.1 OS Command Injection", "tags": ["third-party-advisory"]}, {"url": "https://lavender-bicycle-a5a.notion.site/Sequa-MCP-RCE-26853a41781f807da1c0cd158f9e3e1a?source=copy_link", "tags": ["exploit"]}, {"url": "https://github.com/sequa-ai/sequa-mcp/commit/e569815854166db5f71c2e722408f8957fb9e804", "tags": ["patch"]}], "tags": ["x_open-source"]}, "adp": [{"references": [{"url": "https://lavender-bicycle-a5a.notion.site/Sequa-MCP-RCE-26853a41781f807da1c0cd158f9e3e1a", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-09-18T13:59:48.875618Z", "id": "CVE-2025-10619", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-18T13:59:51.758Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-10619", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-09-18T13:59:48.875618Z"}}}], "references": [{"url": "https://lavender-bicycle-a5a.notion.site/Sequa-MCP-RCE-26853a41781f807da1c0cd158f9e3e1a", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-18T13:59:40.631Z"}}], "cna": {"tags": ["x_open-source"], "title": "sequa-ai sequa-mcp OAuth Server Discovery node-oauth-client-provider.ts redirectToAuthorization os command injection", "credits": [{"lang": "en", "type": "reporter", "value": "yhryhryhr_ (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C"}}], "affected": [{"vendor": "sequa-ai", "modules": ["OAuth Server Discovery"], "product": "sequa-mcp", "versions": [{"status": "affected", "version": "1.0.0"}, {"status": "affected", "version": "1.0.1"}, {"status": "affected", "version": "1.0.2"}, {"status": "affected", "version": "1.0.3"}, {"status": "affected", "version": "1.0.4"}, {"status": "affected", "version": "1.0.5"}, {"status": "affected", "version": "1.0.6"}, {"status": "affected", "version": "1.0.7"}, {"status": "affected", "version": "1.0.8"}, {"status": "affected", "version": "1.0.9"}, {"status": "affected", "version": "1.0.10"}, {"status": "affected", "version": "1.0.11"}, {"status": "affected", "version": "1.0.12"}, {"status": "affected", "version": "1.0.13"}, {"status": "unaffected", "version": "1.0.14"}]}], "timeline": [{"lang": "en", "time": "2025-09-17T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2025-09-17T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2025-09-17T13:41:52.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.324646", "name": "VDB-324646 | sequa-ai sequa-mcp OAuth Server Discovery node-oauth-client-provider.ts redirectToAuthorization os command injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.324646", "name": "VDB-324646 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.650189", "name": "Submit #650189 | Github https://github.com/sequa-ai/sequa-mcp 0.0.1 OS Command Injection", "tags": ["third-party-advisory"]}, {"url": "https://lavender-bicycle-a5a.notion.site/Sequa-MCP-RCE-26853a41781f807da1c0cd158f9e3e1a?source=copy_link", "tags": ["exploit"]}, {"url": "https://github.com/sequa-ai/sequa-mcp/commit/e569815854166db5f71c2e722408f8957fb9e804", "tags": ["patch"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was detected in sequa-ai sequa-mcp up to 1.0.13. This affects the function redirectToAuthorization of the file src/helpers/node-oauth-client-provider.ts of the component OAuth Server Discovery. Performing manipulation results in os command injection. Remote exploitation of the attack is possible. The exploit is now public and may be used. Upgrading to version 1.0.14 is able to mitigate this issue. The patch is named e569815854166db5f71c2e722408f8957fb9e804. It is recommended to upgrade the affected component. The vendor explains: \"We only promote that mcp server with our own URLs that have a valid response, but yes if someone would use it with a non sequa url, this is a valid attack vector. We have released a new version (1.0.14) that fixes this and validates that only URLs can be opened.\""}, {"lang": "de", "value": "In sequa-ai sequa-mcp bis 1.0.13 wurde eine Schwachstelle gefunden. Es ist betroffen die Funktion redirectToAuthorization der Datei src/helpers/node-oauth-client-provider.ts der Komponente OAuth Server Discovery. Dank der Manipulation mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Es ist m\u00f6glich, den Angriff aus der Ferne durchzuf\u00fchren. Der Exploit wurde der \u00d6ffentlichkeit bekannt gemacht und k\u00f6nnte verwendet werden. Ein Upgrade auf Version 1.0.14 ist in der Lage, dieses Problem zu adressieren. Der Patch heisst e569815854166db5f71c2e722408f8957fb9e804. Es wird empfohlen, die betroffene Komponente zu aktualisieren."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "OS Command Injection"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-77", "description": "Command Injection"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-09-17T21:02:11.492Z"}}}, "cveMetadata": {"cveId": "CVE-2025-10619", "state": "PUBLISHED", "dateUpdated": "2025-09-18T13:59:51.758Z", "dateReserved": "2025-09-17T11:36:32.032Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2025-09-17T21:02:11.492Z", "assignerShortName": "VulDB"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was detected in sequa-ai sequa-mcp up to 1.0.13. This affects the function redirectToAuthorization of the file src/helpers/node-oauth-client-provider.ts of the component OAuth Server Discovery. Performing manipulation results in os command injection. Remote exploitation of the attack is possible. The exploit is now public and may be used. Upgrading to version 1.0.14 is able to mitigate this issue. The patch is named e569815854166db5f71c2e722408f8957fb9e804. It is recommended to upgrade the affected component. The vendor explains: \"We only promote that mcp server with our own URLs that have a valid response, but yes if someone would use it with a non sequa url, this is a valid attack vector. We have released a new version (1.0.14) that fixes this and validates that only URLs can be opened.\""}], "id": "CVE-2025-10619", "lastModified": "2025-09-18T14:15:46.077", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.4, "source": "[email protected]", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "[email protected]", "type": "Secondary"}]}, "published": "2025-09-17T21:15:37.463", "references": [{"source": "[email protected]", "url": "https://github.com/sequa-ai/sequa-mcp/commit/e569815854166db5f71c2e722408f8957fb9e804"}, {"source": "[email protected]", "url": "https://lavender-bicycle-a5a.notion.site/Sequa-MCP-RCE-26853a41781f807da1c0cd158f9e3e1a?source=copy_link"}, {"source": "[email protected]", "url": "https://vuldb.com/?ctiid.324646"}, {"source": "[email protected]", "url": "https://vuldb.com/?id.324646"}, {"source": "[email protected]", "url": "https://vuldb.com/?submit.650189"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://lavender-bicycle-a5a.notion.site/Sequa-MCP-RCE-26853a41781f807da1c0cd158f9e3e1a"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}, {"lang": "en", "value": "CWE-78"}], "source": "[email protected]", "type": "Secondary"}]}

{}