Command Injection Vulnerability in Markdownify Model Context Protocol Server
CVE-2025-58358

7.5 HIGH

Key Information:

Vendor: Zcaceres
CVE Published: 4 September 2025

What is CVE-2025-58358?

Markdownify, a Model Context Protocol server designed for converting various inputs to Markdown, is susceptible to a command injection vulnerability in versions prior to 0.0.2. This issue arises from inadequate sanitization of input parameters during the execution of child_process.exec, allowing attackers to execute arbitrary system commands. If leveraged successfully, this vulnerability can facilitate remote code execution under the privileges of the server process. The server's construction and execution of shell commands with unvalidated user input significantly increase the risk of shell metacharacter injection (such as |, >, &&, etc.). The issue has been mitigated in version 0.0.2.

Affected Version(s)

markdownify-mcp < 0.0.2

CVSS v3.1

Score: 7.5
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: Required
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability reserved
