CVE-2025-64340
Description
FastMCP is the standard framework for building MCP applications. Prior to version 3.2.0, server names containing shell metacharacters (e.g., &) can cause command injection on Windows when passed to fastmcp install claude-code or fastmcp install gemini-cli. These install paths use subprocess.run() with a list argument, but on Windows the target CLIs often resolve to .cmd wrappers that are executed through cmd.exe, which interprets metacharacters in the flattened command string. This issue has been patched in version 3.2.0.
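The mechanism in the description is easy to see without Windows: CPython flattens a `subprocess.run()` argument list into one string with `subprocess.list2cmdline()`, which quotes arguments containing spaces but leaves `&` and other cmd.exe metacharacters untouched, so a `.cmd` wrapper executed through cmd.exe sees them as command separators. The following is an added example written for this page, not FastMCP's code or the fix shipped in 3.2.0; the `mcp add` subcommand, the `build_install_argv` helper, and the allow-list pattern in `safe_server_name` are assumptions made for the illustration.

```python
"""Illustration of the Windows .cmd wrapper issue described in CVE-2025-64340.

Added example for this page; not FastMCP's code or its patch.
subprocess.list2cmdline() is the routine CPython uses on Windows to turn an
argv list into the single command string handed to CreateProcess.  When the
executable is a .cmd/.bat shim, cmd.exe parses that string and honours
metacharacters such as '&'.  list2cmdline is pure Python on every platform,
so the flattening can be inspected on Linux or macOS as well.
"""
import re
import subprocess

# cmd.exe characters that alter command parsing.  This set is chosen for the
# illustration; the advisory itself names only '&' as an example.
CMD_METACHARS = set('&|<>^%!"\r\n')


def flatten_for_windows(argv: list[str]) -> str:
    """Return the string Windows would pass to a .cmd wrapper for this argv."""
    return subprocess.list2cmdline(argv)


def has_cmd_metachars(value: str) -> bool:
    """True if cmd.exe could parse `value` as more than a plain argument."""
    return any(ch in CMD_METACHARS for ch in value)


def safe_server_name(name: str) -> str:
    """Accept only names that cmd.exe cannot split into a second command.

    Hypothetical allow-list policy for the example, not FastMCP's check:
    letters, digits, '.', '_' and '-', at most 64 characters.
    """
    if not re.fullmatch(r"[A-Za-z0-9._-]{1,64}", name):
        raise ValueError(f"unsafe server name: {name!r}")
    return name


def build_install_argv(cli: str, server_name: str) -> list[str]:
    """Build argv for a hypothetical `<cli> mcp add <name>` registration call."""
    return [cli, "mcp", "add", safe_server_name(server_name)]


if __name__ == "__main__":
    # Constructed inputs: a benign name and one carrying a '&' separator.
    for raw in ("demo-server", "srv&echo"):
        flat = flatten_for_windows(["claude.cmd", "mcp", "add", raw])
        print(f"{raw!r:14} -> {flat!r}  metachars={has_cmd_metachars(raw)}")
    # Names with whitespace are quoted by list2cmdline; '&' alone is not.
    print(flatten_for_windows(["x.cmd", "a b"]))
    try:
        build_install_argv("claude", "srv&echo")
    except ValueError as exc:
        print("rejected:", exc)
```

Running it shows `srv&echo` reaching the command line unquoted while `a b` is wrapped in double quotes, which is why a list argument to `subprocess.run()` is not by itself a defence once a `.cmd` shim is the target. Validating the name against a strict allow-list before it reaches any subprocess call is one layer; whether 3.2.0 does that, escapes the argument, or avoids the shim entirely is not stated on this page.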
Risk Information
Base Score
6.7
MODERATE
Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.028
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2025-64340,CVE-2026-27124,CVE-2026-32871 are fixed in Python-fastmcp 3.2.0 | Windows |
| Vulnerabilities CVE-2025-64340,CVE-2026-27124,CVE-2026-32871 are fixed in Python-fastmcp for linux 3.2.0 | Linux |
Patch Details
No records found