Description

ADB MCP Server is a MCP (Model Context Protocol) server for interacting with Android devices through ADB. In versions 0.1.0 and prior, the MCP Server is written in a way that is vulnerable to command injection vulnerability attacks as part of some of its MCP Server tool definition and implementation. This issue has been patched via commit 041729c.

INFO

Published Date :

2025-09-25T13:41:15.676Z

Last Modified :

2025-09-25T14:36:27.801Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2025-59834 vulnerability.

Vendors Products
Adb Mcp Project
  • Adb Mcp
Google
  • Android
Srmorete
  • Adb Mcp Server
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-59834.

URL Resource
https://github.com/srmorete/adb-mcp/blob/master/src/index.ts#L334-L355 cve-icon cve-icon
https://github.com/srmorete/adb-mcp/commit/041729c0b25432df3199ff71b3163a307cf4c28c cve-icon cve-icon
https://github.com/srmorete/adb-mcp/security/advisories/GHSA-54j7-grvr-9xwg cve-icon cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact