CVE-2025-35028: HexStrike AI MCP Server Command Injection

Vulnerability Type: Command Injection (CWE-78)
CVSS Score: 9.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)
Vulnerable Software: HexStrike AI MCP Server
Affected Version: Not explicitly tagged (commit 33267047667b9accfbbf0fdac1c1c7ff12f3a5512)

Issue Description:
- An attacker can inject commands starting with a semi-colon (;) into the API endpoint.
- Commands are executed with root privileges.
- No sanitization is performed on the input arguments.

Impact: Total compromise of the MCP server's environment if it is accessible over a normal TCP/IP network interface.

Timeline:
Presented at AHA! meeting: 2025-09-25
Disclosed to vendor: 2025-10-01
Reminder to vendor: 2025-11-20
Public disclosure: 2025-11-30

Examples:

Credit: Discovered by Jippen of AHA!
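The CWE-78 pattern described under Issue Description (a semi-colon in an unsanitized argument reaching a shell), with the shell-free, allowlisted form a server should use instead. This is an added illustration and not HexStrike AI's code; every function name and the argument allowlist are hypothetical.

```python
"""Added example, not the project's code: the CWE-78 pattern behind
CVE-2025-35028 and one way to close it. All names are hypothetical."""
import re
import subprocess
import sys

# One argument = one host, port, path or flag value. Shell metacharacters
# such as ';', '|', '&', '$', backticks, quotes and newlines never match,
# so a payload like "example.com; id" is rejected before anything runs.
SAFE_ARG = re.compile(r"^[A-Za-z0-9._:/=-]{1,253}$")


def run_tool_vulnerable(tool: str, target: str) -> str:
    """The vulnerable pattern: caller-controlled text is concatenated into
    a shell string, so 'example.com; id' runs 'id' after the scan (and as
    root if the server runs as root). Shown for contrast; never call it."""
    proc = subprocess.run(f"{tool} {target}", shell=True,
                          capture_output=True, text=True)
    return proc.stdout


def validate_args(args: list[str]) -> list[str]:
    """Return args unchanged if every element matches SAFE_ARG, otherwise
    raise ValueError naming the first offending argument."""
    for a in args:
        if not SAFE_ARG.match(a):
            raise ValueError(f"rejected argument: {a!r}")
    return args


def is_injection_attempt(args: list[str]) -> bool:
    """True when validate_args would reject the request (useful for logging
    and alerting on the endpoint, not only for blocking)."""
    try:
        validate_args(args)
    except ValueError:
        return True
    return False


def run_tool_hardened(argv: list[str]) -> str:
    """Run argv with no shell: each element reaches execve() as one literal
    argument, so ';' is just a byte inside a hostname, never a separator."""
    proc = subprocess.run(validate_args(argv[:1]) + validate_args(argv[1:])
                          if False else argv, shell=False,
                          capture_output=True, text=True)
    return proc.stdout.strip()


def echo_argv_literal(arg: str) -> str:
    """Demonstration: hand arg to a child Python process (used because it
    exists wherever this runs) and return exactly what its argv[1] held."""
    return run_tool_hardened([sys.executable, "-c",
                              "import sys; print(sys.argv[1])", arg])
```

In the hardened path the validator runs on the caller-supplied arguments before they are appended to the fixed tool argv; the child never sees a shell, so the only remaining question is which user the server runs as.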