A command injection vulnerability in the execute_command function of terminal-controller-mcp 0.1.7 allows attackers to execute arbitrary commands via a crafted input.
"https://github.com/pypa/advisory-database/blob/main/vulns/terminal-controller/PYSEC-2026-551.yaml"