CVE-2026-0757
Unknown Unknown - Not Provided
Command Injection in MCP Manager Enables Sandbox Escape

Publication date: 2026-01-23

Last updated on: 2026-01-23

Assigner: Zero Day Initiative

Description
MCP Manager for Claude Desktop execute-command Command Injection Sandbox Escape Vulnerability. This vulnerability allows remote attackers to bypass the sandbox on affected installations of MCP Manager for Claude Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of MCP config objects. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to escape the sandbox and execute arbitrary code in the context of the current process at medium integrity. Was ZDI-CAN-27810.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-23
Last Modified
2026-01-23
Generated
2026-06-16
AI Q&A
2026-01-24
EPSS Evaluated
2026-06-14
NVD
CVE-2026-0757
EUVD
EUVD-2026-4468
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
unknown_vendor mcp_manager_for_claude_desktop *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-78 The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Mitigation Strategies

To mitigate this vulnerability, avoid visiting untrusted webpages or opening suspicious files that could exploit the command injection flaw. Ensure that MCP Manager for Claude Desktop is updated with any patches provided by the vendor addressing this issue. Additionally, consider restricting network access to MCP Manager for Claude Desktop and monitoring for unusual process executions that may indicate sandbox escape attempts. [1]

Executive Summary

CVE-2026-0757 is a critical vulnerability in MCP Manager for Claude Desktop that allows remote attackers to perform command injection and escape the sandbox environment. The flaw exists because the software does not properly validate user-supplied strings when processing MCP config objects before using them in system calls. This means an attacker can execute arbitrary code with medium integrity privileges by tricking a user into visiting a malicious webpage or opening a malicious file. [1]

Impact Analysis

This vulnerability can impact you by allowing remote attackers to bypass the sandbox protections of MCP Manager for Claude Desktop and execute arbitrary code on your system with medium integrity privileges. This could lead to unauthorized actions, data compromise, or further system exploitation if a user interacts with malicious content such as a webpage or file. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-0757. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart