{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-5602", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-04-05T13:30:33.910Z", "datePublished": "2026-04-05T22:15:15.172Z", "dateUpdated": "2026-04-06T15:05:58.388Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-05T22:15:15.172Z"}, "title": "Nor2-io heim-mcp new_heim_application tools.ts registerTools os command injection", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-78", "lang": "en", "description": "OS Command Injection"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-77", "lang": "en", "description": "Command Injection"}]}], "affected": [{"vendor": "Nor2-io", "product": "heim-mcp", "versions": [{"version": "0.1.0", "status": "affected"}, {"version": "0.1.1", "status": "affected"}, {"version": "0.1.2", "status": "affected"}, {"version": "0.1.3", "status": "affected"}], "modules": ["new_heim_application/deploy_heim_application/deploy_heim_application_to_cloud"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in Nor2-io heim-mcp up to 0.1.3. Impacted is the function registerTools of the file src/tools.ts of the component new_heim_application/deploy_heim_application/deploy_heim_application_to_cloud. This manipulation causes os command injection. The attack requires local access. The exploit has been publicly disclosed and may be utilized. Patch name: c321d8af25f77668781e6ccb43a1336f9185df37. It is suggested to install a patch to address this issue. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.8, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 5.3, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C"}}], "timeline": [{"time": "2026-04-05T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-04-05T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-04-05T15:35:40.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "Yinci Chen (VulDB User)", "type": "reporter"}, {"lang": "en", "value": "VulDB CNA Team", "type": "coordinator"}], "references": [{"url": "https://vuldb.com/vuln/355394", "name": "VDB-355394 | Nor2-io heim-mcp new_heim_application tools.ts registerTools os command injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/355394/cti", "name": "VDB-355394 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/784862", "name": "Submit #784862 | Nor2-io heim-mcp <=0.1.3 Command Injection", "tags": ["third-party-advisory"]}, {"url": "https://github.com/Nor2-io/heim-mcp/issues/1", "tags": ["issue-tracking"]}, {"url": "https://github.com/Nor2-io/heim-mcp/pull/2", "tags": ["issue-tracking", "patch"]}, {"url": "https://github.com/user-attachments/files/25889482/heim-mcp_bug.pdf", "tags": ["exploit"]}, {"url": "https://github.com/Nor2-io/heim-mcp/commit/c321d8af25f77668781e6ccb43a1336f9185df37", "tags": ["patch"]}, {"url": "https://github.com/Nor2-io/heim-mcp/", "tags": ["product"]}], "tags": ["x_open-source"]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-06T15:05:49.703063Z", "id": "CVE-2026-5602", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-06T15:05:58.388Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-5602", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-06T15:05:49.703063Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-06T15:05:53.557Z"}}], "cna": {"tags": ["x_open-source"], "title": "Nor2-io heim-mcp new_heim_application tools.ts registerTools os command injection", "credits": [{"lang": "en", "type": "reporter", "value": "Yinci Chen (VulDB User)"}, {"lang": "en", "type": "coordinator", "value": "VulDB CNA Team"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 4.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4.3, "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:OF/RC:C"}}], "affected": [{"vendor": "Nor2-io", "modules": ["new_heim_application/deploy_heim_application/deploy_heim_application_to_cloud"], "product": "heim-mcp", "versions": [{"status": "affected", "version": "0.1.0"}, {"status": "affected", "version": "0.1.1"}, {"status": "affected", "version": "0.1.2"}, {"status": "affected", "version": "0.1.3"}]}], "timeline": [{"lang": "en", "time": "2026-04-05T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-04-05T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-04-05T15:35:40.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/vuln/355394", "name": "VDB-355394 | Nor2-io heim-mcp new_heim_application tools.ts registerTools os command injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/355394/cti", "name": "VDB-355394 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/784862", "name": "Submit #784862 | Nor2-io heim-mcp <=0.1.3 Command Injection", "tags": ["third-party-advisory"]}, {"url": "https://github.com/Nor2-io/heim-mcp/issues/1", "tags": ["issue-tracking"]}, {"url": "https://github.com/Nor2-io/heim-mcp/pull/2", "tags": ["issue-tracking", "patch"]}, {"url": "https://github.com/user-attachments/files/25889482/heim-mcp_bug.pdf", "tags": ["exploit"]}, {"url": "https://github.com/Nor2-io/heim-mcp/commit/c321d8af25f77668781e6ccb43a1336f9185df37", "tags": ["patch"]}, {"url": "https://github.com/Nor2-io/heim-mcp/", "tags": ["product"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in Nor2-io heim-mcp up to 0.1.3. Impacted is the function registerTools of the file src/tools.ts of the component new_heim_application/deploy_heim_application/deploy_heim_application_to_cloud. This manipulation causes os command injection. The attack requires local access. The exploit has been publicly disclosed and may be utilized. Patch name: c321d8af25f77668781e6ccb43a1336f9185df37. It is suggested to install a patch to address this issue. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "OS Command Injection"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-77", "description": "Command Injection"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-05T22:15:15.172Z"}}}, "cveMetadata": {"cveId": "CVE-2026-5602", "state": "PUBLISHED", "dateUpdated": "2026-04-06T15:05:58.388Z", "dateReserved": "2026-04-05T13:30:33.910Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-04-05T22:15:15.172Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in Nor2-io heim-mcp up to 0.1.3. Impacted is the function registerTools of the file src/tools.ts of the component new_heim_application/deploy_heim_application/deploy_heim_application_to_cloud. This manipulation causes os command injection. The attack requires local access. The exploit has been publicly disclosed and may be utilized. Patch name: c321d8af25f77668781e6ccb43a1336f9185df37. It is suggested to install a patch to address this issue. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product."}], "id": "CVE-2026-5602", "lastModified": "2026-04-29T01:00:01.613", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.1, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 1.9, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-04-05T23:16:19.497", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/Nor2-io/heim-mcp/"}, {"source": "cna@vuldb.com", "url": "https://github.com/Nor2-io/heim-mcp/commit/c321d8af25f77668781e6ccb43a1336f9185df37"}, {"source": "cna@vuldb.com", "url": "https://github.com/Nor2-io/heim-mcp/issues/1"}, {"source": "cna@vuldb.com", "url": "https://github.com/Nor2-io/heim-mcp/pull/2"}, {"source": "cna@vuldb.com", "url": "https://github.com/user-attachments/files/25889482/heim-mcp_bug.pdf"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/784862"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/355394"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/355394/cti"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}, {"lang": "en", "value": "CWE-78"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "0.1.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "0.1.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "0.1.2"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "0.1.3"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "heim-mcp", "source": "cna", "vendor": "Nor2-io"}, "product": "heim-mcp", "vendor": "nor2-io"}], "analysis": {"en": {"generated_at": "2026-04-06T01:21:22.806475+00:00", "value": {"mitigation_remediation": ["Apply the vendor\u2019s patch commit c321d8af25f77668781e6ccb43a1336f9185df37 to update heim-mcp to a version newer than 0.1.3.", "Verify that the updated version is running and that the registerTools functionality no longer accepts unsanitized input.", "Run the application with the least privileges necessary to limit potential damage.", "Monitor system logs for unexpected command executions and alert on anomalous activities."], "summary": {"action": "Patch", "impact": "Command Injection"}, "threat_synthesis": {"affected_systems": "Nor2-io heim\u2011mcp, versions up to 0.1.3, including the deploy_heim_application_to_cloud module. The patch identified by commit c321d8af25f77668781e6ccb43a1336f9185df37 resolves the issue. No other vendors or products are listed.", "description_and_impact": "The registerTools function in src/tools.ts for the new_heim_application component accepts untrusted input and executes it as an OS command, creating an OS command injection flaw that allows an attacker with local access to run arbitrary shell commands. This flaw can compromise the integrity and availability of the affected system, and potentially expose sensitive information if commands are used to read or modify data.", "risk_and_exploitability": "The CVSS score of 4.8 reflects a medium severity, and the vulnerability is not listed in CISA\u2019s KEV catalog. Exploitation requires local access and is publicly disclosed. With the public exploit available, a local attacker can leverage the flaw until remediation. The lack of EPSS data makes precise predictability unclear, but the existence of a public exploit elevates the urgency to apply the available patch."}}}}, "created": "2026-04-06T20:22:14.903577+00:00", "updated": "2026-04-06T21:48:06.387192+00:00", "vendors": ["nor2-io", "nor2-io$PRODUCT$heim-mcp"]}