baryhuang CVE Vulnerabilities & CVE List (1)

Products (CPE): — CVEs: 1

baryhuang vulnerability overview

This page aggregates publicly disclosed CVE and security risk information related to baryhuang, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.

Vulnerability distribution trend (last 24 months)

Showing 11 of 1 CVEs
«« First « Prev Page 1 / 1 Next »
CVE Summary Source Max CVSS EPSS % Published Updated
CVE-2025-63604 A code injection vulnerability exists in baryhuang/mcp-server-aws-resources-python 0.1.0 that allows remote code execution through insufficient input validation in the execute_query method. The vulnerability stems from the exposure of dangerous Python built-in functions (__import__, getattr, hasattr) in the execution namespace and the direct use of exec() to execute user-supplied code. An attacker can craft malicious queries to execute arbitrary Python code, leading to AWS credential theft (AWS_ [email protected] 6.5 0.30% 2025-11-18 2026-06-17
«« First « Prev Page 1 / 1 Next »
cvelogic Threat Intelligence