Количество 2
Количество 2
CVE-2026-23744
MCPJam inspector is the local-first development platform for MCP servers. Versions 1.4.2 and earlier are vulnerable to remote code execution (RCE) vulnerability, which allows an attacker to send a crafted HTTP request that triggers the installation of an MCP server, leading to RCE. Since MCPJam inspector by default listens on 0.0.0.0 instead of 127.0.0.1, an attacker can trigger the RCE remotely via a simple HTTP request. Version 1.4.3 contains a patch.
GHSA-232v-j27c-5pp6
REC in MCPJam inspector due to HTTP Endpoint exposes
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2026-23744 MCPJam inspector is the local-first development platform for MCP servers. Versions 1.4.2 and earlier are vulnerable to remote code execution (RCE) vulnerability, which allows an attacker to send a crafted HTTP request that triggers the installation of an MCP server, leading to RCE. Since MCPJam inspector by default listens on 0.0.0.0 instead of 127.0.0.1, an attacker can trigger the RCE remotely via a simple HTTP request. Version 1.4.3 contains a patch. | CVSS3: 9.8 | 0% Низкий | 4 дня назад |
| GHSA-232v-j27c-5pp6 REC in MCPJam inspector due to HTTP Endpoint exposes | CVSS3: 9.8 | 0% Низкий | 4 дня назад |
Уязвимостей на страницу