Share
## https://sploitus.com/exploit?id=A16BA8CE-45E2-5AD4-8D67-1464C8070F18
# CVE-2026-25546 PoC - godot-mcp OS Command Injection

**Author:** Mohammed Idrees Banyamer  
**GitHub:** [mbanyamer](https://github.com/mbanyamer)  
**Date:** February 04, 2026

## Exploit Title
godot-mcp 
   npm install