Skip to main content

AI / ML CVE-2026-23744

CRITICAL
Missing Authentication for Critical Function (CWE-306)
2026-01-16 security-advisories@github.com GHSA-232v-j27c-5pp6
RCE Authentication Bypass AI / ML Inspector
9.8
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Patch released
Mar 31, 2026 - 21:13 nvd
Patch available
Analysis Generated
Mar 12, 2026 - 21:54 vuln.today
CVE Published
Jan 16, 2026 - 20:15 nvd
CRITICAL 9.8

DescriptionGitHub Advisory

MCPJam inspector is the local-first development platform for MCP servers. Versions 1.4.2 and earlier are vulnerable to remote code execution (RCE) vulnerability, which allows an attacker to send a crafted HTTP request that triggers the installation of an MCP server, leading to RCE. Since MCPJam inspector by default listens on 0.0.0.0 instead of 127.0.0.1, an attacker can trigger the RCE remotely via a simple HTTP request. Version 1.4.3 contains a patch.

AnalysisAI

MCPJam Inspector versions 1.4.2 and earlier allow unauthenticated remote code execution through missing authentication in the MCP server debugging platform, with EPSS 17.2% indicating active scanning.

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts
Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Send crafted HTTP request to MCPJam inspector
Exploit
Trigger MCP server installation
Impact
Execute arbitrary code remotely
Sign in to reveal

Vulnerability AssessmentAI

Exploitation MCPJam inspector versions 1.4.2 and earlier listening on 0.0.0.0 (default configuration) instead of 127.0.0.1, allowing remote HTTP access to the installation endpoint. Additional conditions and limiting factors are described in the full assessment.
Risk Assessment CVSS 9.8, EPSS 17.2% — very high exploitation probability. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker scans for exposed MCPJam Inspector instances (common on developer machines), accesses the unauthenticated API to invoke MCP tools, and achieves code execution on the developer's workstation, potentially compromising CI/CD pipelines.
Remediation Update MCPJam Inspector. … Detailed patch versions, workarounds, and compensating controls in full report.
Sign in to read full assessment

Recommended ActionAI

Within 24 hours: Identify all affected systems and apply vendor patches immediately. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-23744 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy