CVE-2026-23744 PoC — MCPJam Inspector 安全漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2026/CVE-2026-23744.yaml

Associated Vulnerability

Title:MCPJam Inspector 安全漏洞 (CVE-2026-23744)
Description:MCPJam Inspector是MCPJam开源的一个针对模型上下文协议的开源调试与质量分析工具。 MCPJam inspector 1.4.2及之前版本存在安全漏洞，该漏洞源于特制HTTP请求可触发MCP服务器安装，可能导致远程代码执行。

Description

MCPJam inspector is the local-first development platform for MCP servers. The Latest version 1.4.2 and earlier are vulnerable to a remote code execution (RCE) vulnerability, which allows an attacker to send a crafted HTTP request that triggers the installation of an MCP server, leading to RCE.

File Snapshot


 id: CVE-2026-23744

info:
  name: MCPJam Inspector - Remote Code Execution
  author: Louay-075
  sev

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!