CVE-2026-23744

MCPJam inspector is the local-first development platform for MCP servers. Versions 1.4.2 and earlier are vulnerable to remote code execution (RCE) vulnerability, which allows an attacker to send a crafted HTTP request that triggers the installation of an MCP server, leading to RCE. Since MCPJam inspector by default listens on 0.0.0.0 instead of 127.0.0.1, an attacker can trigger the RCE remotely via a simple HTTP request. Version 1.4.3 contains a patch.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/MCPJam/inspector/commit/e6b9cf9d9e6c9cbec31493b1bdca3a1255fe3e7a	Patch
https://github.com/MCPJam/inspector/security/advisories/GHSA-232v-j27c-5pp6	Exploit Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:mcpjam:inspector:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2026-01-16 20:15

Updated : 2026-03-13 14:19

NVD link : CVE-2026-23744

Mitre link : CVE-2026-23744

CVE.ORG link : CVE-2026-23744

JSON object : View

Products Affected

mcpjam

inspector

CWE

CWE-306

Missing Authentication for Critical Function

{"id": "CVE-2026-23744", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2026-01-16T20:15:51.763", "references": [{"url": "https://github.com/MCPJam/inspector/commit/e6b9cf9d9e6c9cbec31493b1bdca3a1255fe3e7a", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/MCPJam/inspector/security/advisories/GHSA-232v-j27c-5pp6", "tags": ["Exploit", "Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-306"}]}], "descriptions": [{"lang": "en", "value": "MCPJam inspector is the local-first development platform for MCP servers. Versions 1.4.2 and earlier are vulnerable to remote code execution (RCE) vulnerability, which allows an attacker to send a crafted HTTP request that triggers the installation of an MCP server, leading to RCE. Since MCPJam inspector by default listens on 0.0.0.0 instead of 127.0.0.1, an attacker can trigger the RCE remotely via a simple HTTP request. Version 1.4.3 contains a patch."}, {"lang": "es", "value": "MCPJam inspector es la plataforma de desarrollo local-first para servidores MCP. Las versiones 1.4.2 y anteriores tienen una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo (RCE), que permite a un atacante enviar una solicitud HTTP manipulada que desencadena la instalaci\u00f3n de un servidor MCP, lo que lleva a un RCE. Dado que MCPJam inspector por defecto escucha en 0.0.0.0 en lugar de 127.0.0.1, un atacante puede provocar la RCE de forma remota a trav\u00e9s de una simple solicitud HTTP. La versi\u00f3n 1.4.3 contiene un parche."}], "lastModified": "2026-03-13T14:19:59.880", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mcpjam:inspector:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D462285-6F2E-445A-B169-77B9CC71AD45", "versionEndExcluding": "1.4.3"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}