All 3 CVE vulnerabilities found in inspector, with AI-generated Chinese analysis, references, and POCs.
Vendor: modelcontextprotocol
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-23744 | REC in MCPJam inspector due to HTTP Endpoint exposes CWE-306 | 9.8 | Critical | 2026-01-16 |
| CVE-2025-58444 | MCP Inspector is Vulnerable to Potential Command Execution via XSS When Connecting to an Untrusted MCP Server CWE-84 | 6.1AI | MediumAI | 2025-09-08 |
| CVE-2025-49596 | MCP Inspector proxy server lacks authentication between the Inspector client and proxy CWE-306 | 9.8AI | CriticalAI | 2025-06-13 |
All 3 known CVE vulnerabilities affecting inspector with full Chinese analysis, references, and POCs where available.