CVE-2026-5602
Nor2-io heim-mcp new_heim_application tools.ts registerTools OS command injection
A vulnerability was found in Nor2-io heim-mcp up to 0.1.3. It affects the function registerTools in the file src/tools.ts of the component new_heim_application/deploy_heim_application/deploy_heim_application_to_cloud. Manipulation leads to OS command injection. The attack requires local access. The exploit has been publicly disclosed and may be used. The patch is identified as c321d8af25f77668781e6ccb43a1336f9185df37. Installing the patch is recommended to address this issue. The vendor was contacted early, responded in a very professional manner, and quickly released a fixed version of the affected product.
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Affected products
Nor2-io · heim-mcp
Public PoCs found: 1
cve_reference: github.com/user-attachments/files/25889482/heim-mcp_bug.pdf (unverified)
Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
https://github.com/Nor2-io/heim-mcp/
https://github.com/Nor2-io/heim-mcp/commit/c321d8af25f77668781e6ccb43a1336f9185df37
https://github.com/Nor2-io/heim-mcp/issues/1
https://github.com/Nor2-io/heim-mcp/pull/2
https://github.com/user-attachments/files/25889482/heim-mcp_bug.pdf
https://vuldb.com/submit/784862
https://vuldb.com/vuln/355394
https://vuldb.com/vuln/355394/cti