CVE-2026-30625 — Upsonic: remote code execution vulnerability in its MCP server/task creation fun

Description

Upsonic 0.71.6 contains a remote code execution vulnerability in its MCP server/task creation functionality. The application allows users to define MCP tasks with arbitrary command and args values. Although an allowlist exists, certain allowed commands (npm, npx) accept argument flags that enable execution of arbitrary OS commands. Maliciously crafted MCP tasks may lead to remote code execution with the privileges of the Upsonic process. In version 0.72.0 Upsonic added a warning about using Stdio servers being able to execute commands directly on the machine.

How to fix CVE-2026-30625

To remediate CVE-2026-30625, upgrade the affected package to a fixed version below.

—upgrade to 0.72.0 or later

Is CVE-2026-30625 being exploited?

Low — EPSS is 0.3%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

from 0, < 0.72.0

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	CRITICAL9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References (4)

ADVISORYnvd.nist.gov/vuln/detail/CVE-2026-30625
PATCHgithub.com/Upsonic/Upsonic
WEBgithub.com/Upsonic/Upsonic/commit/855053fce0662227d9246268ff4a0844b481a305
WEBwww.ox.security/blog/mcp-supply-chain-advisory-rce-vulnerabilities-across-the-ai-ecosystem