CVE-2026-23744

MCPJam · inspector

A remote code execution vulnerability in MCPJam inspector allows unauthenticated attackers to execute arbitrary code via crafted HTTP requests.

Executive summary

A critical remote code execution vulnerability in the MCPJam inspector platform allows unauthenticated attackers to gain full system control via the network.

Vulnerability

This vulnerability stems from the default configuration where the inspector listens on all network interfaces (0.0.0.0) instead of local-only (127.0.0.1), combined with a flaw that allows remote code execution via a crafted HTTP request.

Business impact

The CVSS score of 9.8 highlights the extreme risk of this vulnerability. Successful exploitation allows for complete remote compromise of the server, which can lead to data theft, malware installation, and long-term persistence within the business network.

Remediation

Immediate Action: Update the MCPJam inspector software to version 1.4.3 or later.

Proactive Monitoring: Monitor network traffic for unexpected HTTP requests to the inspector service and check for unauthorized process execution or file modifications on the host server.

Compensating Controls: Bind the service to 127.0.0.1 via configuration files if an immediate update is not feasible, and restrict network access via host-based firewalls.
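As an added defender-side check that is not part of this advisory, the script below parses `ss -ltnp` output and flags listeners of a given process that are bound to a wildcard address, which is the exposure described above. The process name "node" and the ports in the embedded sample output are constructed assumptions; the advisory does not state the inspector's process name or port.

```python
import re
from typing import NamedTuple

# Addresses that mean "all interfaces" in ss output (IPv4 and IPv6 forms).
WILDCARD_ADDRS = {"0.0.0.0", "*", "[::]", "::"}

class Listener(NamedTuple):
    addr: str
    port: int
    process: str  # "?" when ss could not attribute the socket

# Extracts the process name from the users:(("name",pid=..,fd=..)) column.
_PROC_RE = re.compile(r'users:\(\("([^"]+)"')

def parse_ss_listeners(output: str) -> list[Listener]:
    """Parse `ss -ltnp` output into (addr, port, process) tuples."""
    listeners = []
    for line in output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # header line or unexpected row
        addr, port = fields[3].rsplit(":", 1)  # handles "[::]:8080" too
        m = _PROC_RE.search(line)
        listeners.append(Listener(addr, int(port), m.group(1) if m else "?"))
    return listeners

def exposed_listeners(output: str, process: str) -> list[Listener]:
    """Return listeners of `process` bound to any wildcard address."""
    return [l for l in parse_ss_listeners(output)
            if l.process == process and l.addr in WILDCARD_ADDRS]

# Constructed sample output; the process name and ports are assumptions.
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
LISTEN 0      511          0.0.0.0:8080       0.0.0.0:*     users:(("node",pid=4242,fd=21))
LISTEN 0      4096       127.0.0.1:631        0.0.0.0:*     users:(("cupsd",pid=910,fd=7))
LISTEN 0      511             [::]:8080          [::]:*     users:(("node",pid=4242,fd=22))
LISTEN 0      128        127.0.0.1:8081       0.0.0.0:*     users:(("node",pid=4243,fd=19))
"""

if __name__ == "__main__":
    # In practice, feed it: subprocess.run(["ss", "-ltnp"], capture_output=True, text=True).stdout
    for l in exposed_listeners(SAMPLE_SS, "node"):
        print(f"EXPOSED: {l.process} listening on {l.addr}:{l.port}; rebind to 127.0.0.1")
```

Run it against live `ss -ltnp` output after applying the compensating control to confirm only 127.0.0.1 (or [::1]) listeners remain for the inspector process.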

Exploitation status

Public Exploit Available: Unknown

Analyst recommendation

This vulnerability is highly dangerous due to its remote, unauthenticated nature. It is imperative to update to version 1.4.3 immediately and ensure the service is not exposed to untrusted networks to prevent potential remote code execution attacks.