CVE-2026-3484

6.3 MEDIUM

📋 TL;DR

This CVE describes a command injection vulnerability in PhialsBasement's nmap-mcp-server that allows attackers to execute arbitrary commands on the host. The flaw is in the Nmap CLI Command Handler component, which passes user-supplied input to child_process.exec, and it can be exploited remotely. Users of this software are affected until they apply the security patch.

💻 Affected Systems

Products:
  • PhialsBasement nmap-mcp-server
Versions: All versions up to commit bee6d23547d57ae02460022f7c78ac0893092e38
Operating Systems: All operating systems running the vulnerable software
Default Config Vulnerable: ⚠️ Yes
Notes: The project uses a rolling release model with continuous delivery, so affected and fixed releases are identified by commit hash rather than by version number.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise allowing an attacker to execute arbitrary commands with the privileges of the nmap-mcp-server process, potentially leading to data theft, system takeover, or lateral movement.

🟠 Likely Case

Remote code execution allowing attackers to run unauthorized commands, potentially compromising the host system and any connected networks.

🟢 If Mitigated

Limited impact if proper input validation and sandboxing are implemented, restricting command execution to authorized nmap operations only.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Command injection vulnerabilities typically have low exploitation complexity when unauthenticated remote access is available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Commit 30a6b9e1c7fa6146f51e28d6ab83a2568d9a3488

Vendor Advisory: https://github.com/PhialsBasement/nmap-mcp-server/commit/30a6b9e1c7fa6146f51e28d6ab83a2568d9a3488

Restart Required: Yes

Instructions:

1. Update to the latest version of nmap-mcp-server.
2. Apply commit 30a6b9e1c7fa6146f51e28d6ab83a2568d9a3488.
3. Restart the nmap-mcp-server service.

🔧 Temporary Workarounds

Input Validation Enhancement (platform: all)

Implement strict input validation for all user-supplied parameters passed to the Nmap CLI Command Handler.

# Review and sanitize all user inputs in src/index.ts

Network Access Restriction (platform: linux)

Restrict network access to the nmap-mcp-server to trusted IP addresses only.

# Use firewall rules to limit access. Both rules are appended (-A), so add the
# ACCEPT rule first; the DROP rule must come after it in the chain.
iptables -A INPUT -p tcp --dport [PORT] -s [TRUSTED_IP] -j ACCEPT
iptables -A INPUT -p tcp --dport [PORT] -j DROP

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate the vulnerable system from critical assets
  • Deploy application-level firewalls or WAFs with command injection detection rules

🔍 How to Verify

Check if Vulnerable:

Check if your nmap-mcp-server version is before commit 30a6b9e1c7fa6146f51e28d6ab83a2568d9a3488

Check Version:

git log --oneline | head -1

Verify Fix Applied:

Verify that commit 30a6b9e1c7fa6146f51e28d6ab83a2568d9a3488 is applied in your installation

📡 Detection & Monitoring

Log Indicators:

  • Unusual command execution patterns in nmap-mcp-server logs
  • Unexpected child process spawns from the nmap service

Network Indicators:

  • Unusual outbound connections from the nmap-mcp-server host
  • Suspicious command strings in network traffic to the service

SIEM Query:

source="nmap-mcp-server" AND (process_execution="*;*" OR process_execution="*|*" OR process_execution="*`*" OR process_execution="*$(*")
