
CVE-2025-10619: OS Command Injection in sequa-ai sequa-mcp

Medium
Type: Vulnerability (CVE-2025-10619)
Published: Wed Sep 17 2025 (09/17/2025, 21:02:11 UTC)
Source: CVE Database V5
Vendor/Project: sequa-ai
Product: sequa-mcp

Description

A vulnerability was detected in sequa-ai sequa-mcp up to 1.0.13. This affects the function redirectToAuthorization of the file src/helpers/node-oauth-client-provider.ts of the component OAuth Server Discovery. Performing manipulation results in os command injection. Remote exploitation of the attack is possible. The exploit is now public and may be used. Upgrading to version 1.0.14 is able to mitigate this issue. The patch is named e569815854166db5f71c2e722408f8957fb9e804. It is recommended to upgrade the affected component. The vendor explains: "We only promote that mcp server with our own URLs that have a valid response, but yes if someone would use it with a non sequa url, this is a valid attack vector. We have released a new version (1.0.14) that fixes this and validates that only URLs can be opened."

AI-Powered Analysis

Last updated: 09/17/2025, 21:06:27 UTC

Technical Analysis

CVE-2025-10619 is a vulnerability in sequa-ai sequa-mcp affecting versions up to 1.0.13. The flaw is in the redirectToAuthorization function in src/helpers/node-oauth-client-provider.ts, part of the OAuth Server Discovery component. It is an OS command injection: an attacker who controls the input reaching this function can cause arbitrary operating system commands to run on the affected host, because the function does not validate or sanitize the URL before using it in a command execution context. The vendor notes that the issue arises when the server is used with non-sequa URLs; the attack can be carried out remotely without authentication or user interaction. Exploit code has been publicly disclosed, which raises the risk of exploitation. Version 1.0.14 (patch e569815854166db5f71c2e722408f8957fb9e804) addresses the issue by adding validation so that only URLs can be opened, closing the injection vector. The CVSS 4.0 base score is 5.3 (medium severity): network attack vector, low attack complexity, no privileges or user interaction required, but limited impact on confidentiality, integrity and availability. No exploitation in the wild has been reported, but the public availability of the exploit makes patching urgent. The vulnerability matters most in environments where sequa-mcp is deployed, since remote command execution could lead to system compromise or lateral movement within the network.

Potential Impact

For European organizations using sequa-ai sequa-mcp, this vulnerability poses a significant risk, especially in sectors relying on OAuth-based authentication and authorization services. Successful exploitation could lead to unauthorized command execution on critical infrastructure, potentially compromising sensitive data, disrupting services, or enabling further attacks such as privilege escalation or lateral movement. Given the nature of OAuth servers as gatekeepers for identity and access management, a breach here could undermine trust in authentication processes and lead to broader security incidents. Organizations in finance, healthcare, government, and critical infrastructure sectors are particularly at risk due to the sensitive nature of their data and regulatory requirements under GDPR. The medium severity score suggests moderate impact, but the ease of remote exploitation without authentication elevates the threat level. Additionally, the public availability of exploit code increases the likelihood of opportunistic attacks, making timely patching essential to prevent potential breaches and operational disruptions.

Mitigation Recommendations

European organizations should immediately upgrade sequa-mcp to version 1.0.14 or later, which includes the necessary validation to prevent OS command injection. Beyond patching, organizations should implement strict input validation and sanitization for all URLs and parameters processed by OAuth components. Network segmentation should be employed to isolate authentication servers from less trusted network zones, limiting exposure. Monitoring and logging of OAuth server activities should be enhanced to detect anomalous command execution attempts. Employing application-layer firewalls or runtime application self-protection (RASP) solutions can provide additional defense against injection attacks. Organizations should also review their OAuth configurations to ensure only trusted URLs and domains are permitted, and conduct regular security assessments and penetration testing focused on authentication infrastructure. Finally, incident response plans should be updated to address potential exploitation scenarios involving OAuth server compromise.
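The analysis above describes the bug class (a discovered OAuth authorization URL reaching a command execution context unvalidated) and the recommended fix (validate that only URLs are opened, and only from trusted hosts). The following is an added example, not code from sequa-mcp or its patch, showing how a Node.js client can harden that "open the authorization endpoint in the browser" step. All function names (checkAuthorizationUrl, buildOpenCommand, prepareAuthorizationRedirect, redirectToAuthorizationSafely) and the sample inputs are constructed for illustration; the launcher commands (open, xdg-open, rundll32 url.dll,FileProtocolHandler) are the usual per-platform browser launchers. Two independent layers are shown: scheme and host validation on the parsed URL, and passing the URL as a single argv element to a shell-free spawn so that metacharacters in it are inert.

```javascript
// Added example (hypothetical names), not sequa-mcp's own code.
// Layer 1: the discovered endpoint must parse as a URL, use an http(s) scheme,
//          carry no embedded credentials and (optionally) hit an allowlisted host.
// Layer 2: the URL becomes exactly one argv element of the browser launcher;
//          no shell is involved, so ';', '&&', '$(...)' etc. cannot be interpreted.

const ALLOWED_PROTOCOLS = new Set(["http:", "https:"]);

// Returns { ok: true, url } with the re-serialised URL, or { ok: false, reason }.
function checkAuthorizationUrl(input, allowedHosts) {
  let parsed;
  try {
    parsed = new URL(String(input));
  } catch (e) {
    return { ok: false, reason: "authorization endpoint is not a well-formed URL" };
  }
  if (!ALLOWED_PROTOCOLS.has(parsed.protocol)) {
    return { ok: false, reason: `scheme ${parsed.protocol} is not http(s)` };
  }
  if (parsed.username || parsed.password) {
    return { ok: false, reason: "credentials embedded in the URL are not allowed" };
  }
  if (allowedHosts && !allowedHosts.includes(parsed.hostname)) {
    return { ok: false, reason: `host ${parsed.hostname} is not allowlisted` };
  }
  // toString() re-serialises the parsed URL: spaces and similar characters in the
  // path come back percent-encoded instead of being passed through verbatim.
  return { ok: true, url: parsed.toString() };
}

// Per-platform launcher as an argv array; the URL is never concatenated into a
// command line string.
function buildOpenCommand(url, platform) {
  switch (platform) {
    case "darwin":
      return { cmd: "open", args: [url] };
    case "win32":
      return { cmd: "rundll32", args: ["url.dll,FileProtocolHandler", url] };
    default:
      return { cmd: "xdg-open", args: [url] };
  }
}

// Validation plus command construction, with no side effects (easy to test).
function prepareAuthorizationRedirect(endpoint, { allowedHosts, platform = "linux" } = {}) {
  const check = checkAuthorizationUrl(endpoint, allowedHosts);
  if (!check.ok) {
    throw new Error(`refusing to open authorization URL: ${check.reason}`);
  }
  return buildOpenCommand(check.url, platform);
}

// The only side-effecting step. shell:false (Node's default) means the launcher
// binary is exec'd directly with the URL as one argument.
function redirectToAuthorizationSafely(endpoint, options) {
  const { cmd, args } = prepareAuthorizationRedirect(endpoint, options);
  const { spawn } = require("node:child_process");
  const child = spawn(cmd, args, { shell: false, stdio: "ignore", detached: true });
  child.on("error", (err) => console.error(`could not launch browser: ${err.message}`));
  child.unref();
}

// Constructed inputs exercising each check (no browser is launched here).
const SAMPLES = [
  "https://auth.example.com/authorize?client_id=abc", // accepted as-is
  "https://auth.example.com/auth; echo hello",        // accepted, but inert as a single argv
  "javascript:alert(1)",                              // rejected: scheme
  "not a url",                                        // rejected: unparsable
  "https://evil.example.net/authorize",               // rejected: host not allowlisted
];

for (const sample of SAMPLES) {
  const result = checkAuthorizationUrl(sample, ["auth.example.com"]);
  console.log(JSON.stringify(sample), "=>", result.ok ? result.url : `REJECTED (${result.reason})`);
}

module.exports = { checkAuthorizationUrl, buildOpenCommand, prepareAuthorizationRedirect, redirectToAuthorizationSafely };
```

The host allowlist corresponds to the vendor's remark that the server is only promoted with its own URLs; the scheme check and argv-based spawn are what prevent a non-sequa URL from turning into a shell command. Note that the second sample is deliberately accepted by the URL check: validation alone does not make a URL safe to splice into a command string, which is why the launcher never builds one.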


Technical Details

Data Version
5.1
Assigner Short Name
VulDB
Date Reserved
2025-09-17T11:36:32.032Z
Cvss Version
4.0
State
PUBLISHED

Threat ID: 68cb22688afa0a79ca27307d

Added to database: 9/17/2025, 9:04:40 PM

Last enriched: 9/17/2025, 9:06:27 PM

Last updated: 9/17/2025, 9:06:27 PM
