CVE-2026-23744
📋 TL;DR
MCPJam inspector versions 1.4.2 and earlier contain a critical remote code execution vulnerability. An attacker can send a crafted HTTP request to the inspector's web interface that triggers installation of attacker-controlled MCP servers; the installed server code runs on the host, which amounts to full compromise of that host. Any system running a vulnerable version is affected, and exposure is greatest in the default network configuration, where the inspector's HTTP listener is reachable from other hosts.
💻 Affected Systems
- MCPJam inspector
⚠️ Manual Verification Required
Automatic vulnerability detection cannot determine whether your system is affected, because the CVE database entry used here carries no machine-readable version range (none was provided by the vendor/NVD record). The vendor advisory linked under Fix & Mitigation does state the affected and fixed versions (1.4.2 and earlier affected, fixed in 1.4.3), so verify by hand against those:
- Review the CVE details at NVD
- Check the vendor advisory for your specific version
- Confirm whether the inspector's HTTP interface is reachable in your environment
- Update to the latest version as a precaution if you cannot confirm the installed version
⚠️ Risk & Real-World Impact
Worst Case
Complete system takeover with attacker gaining full control over the host, data exfiltration, lateral movement, and persistent backdoor installation.
Likely Case
Remote code execution leading to data theft, cryptocurrency mining, or ransomware deployment on vulnerable systems.
If Mitigated
Limited impact if proper network segmentation and access controls prevent external access to the vulnerable service.
🎯 Exploit Status
Exploitation requires only a crafted HTTP request to the vulnerable endpoint from any client that can reach it. No authentication or special privileges are needed.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.4.3
Vendor Advisory: https://github.com/MCPJam/inspector/security/advisories/GHSA-232v-j27c-5pp6
Restart Required: Yes
Instructions:
1. Stop the MCPJam inspector service.
2. Update to version 1.4.3 via your package manager or by manual installation.
3. Restart the service.
4. Verify that the running service reports the patched version.
🔧 Temporary Workarounds
Network Access Restriction
Linux: configure firewall rules so that the MCPJam inspector port (default 3000) is reachable from localhost only. Use one of the two approaches below, not both; ufw manages its own iptables chains, and mixing hand-written iptables rules with it makes the effective policy hard to reason about. Neither form survives a reboot unless you persist it (ufw persists automatically; raw iptables rules need iptables-persistent or an equivalent).
With ufw (loopback traffic is accepted by ufw's built-in rules, so this blocks only non-local clients):
sudo ufw deny 3000
With iptables (append in this order so the loopback accept is matched before the drop):
sudo iptables -A INPUT -p tcp --dport 3000 -s 127.0.0.1 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 3000 -j DROP
Service Binding Restriction
All platforms: configure the MCPJam inspector to bind only to the loopback interface instead of all interfaces.
Edit the configuration to set the bind address to 127.0.0.1 instead of 0.0.0.0, then restart the service and confirm with a listener check (for example `ss -ltn` on Linux) that port 3000 no longer shows 0.0.0.0 or [::] as its local address.
🧯 If You Can't Patch
- Immediately implement network segmentation and firewall rules to restrict access to the vulnerable service
- Monitor for suspicious HTTP requests to the MCPJam inspector endpoint and unusual process creation
🔍 How to Verify
Check if Vulnerable:
Check whether the installed MCPJam inspector version is 1.4.2 or earlier and whether the service is listening on 0.0.0.0 (all interfaces) rather than 127.0.0.1.
Check Version:
mcpjam-inspector --version, or the version recorded by the package manager that installed it
Verify Fix Applied:
Confirm the running version is 1.4.3 or later. If you applied the binding workaround, also confirm the listener on port 3000 is bound to the loopback interface only.
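The two checks above, as an added example (not part of the original page or the MCPJam project): a POSIX shell script that compares an installed version string against the fixed release and inspects `ss -ltn` output for a wildcard-bound listener on the inspector port. The `ss` output embedded here is constructed sample data; on a real host pipe `ss -ltn` into `exposed_listener` instead.

```shell
#!/bin/sh
# Added example: verification helpers for CVE-2026-23744.
# Assumes GNU/BSD sort with -V (version sort) and iproute2's ss.

FIXED_VERSION="1.4.3"   # first fixed release per the vendor advisory

# version_lt A B: exit 0 when A sorts strictly before B as a dotted version.
version_lt() {
  [ "$1" != "$2" ] && [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n1)" = "$1" ]
}

# vulnerable_version V: exit 0 when V is older than the fixed release.
vulnerable_version() {
  version_lt "$1" "$FIXED_VERSION"
}

# exposed_listener PORT: reads `ss -ltn` output on stdin; exit 0 when a TCP
# listener on PORT is bound to a wildcard address (0.0.0.0, *, or [::]).
exposed_listener() {
  awk -v port="$1" '
    $1 == "LISTEN" {
      addr = $4; sub(/:[0-9]+$/, "", addr)   # local address without port
      p = $4;    sub(/.*:/, "", p)           # port after the last colon
      if (p == port && (addr == "0.0.0.0" || addr == "*" || addr == "[::]")) found = 1
    }
    END { exit found ? 0 : 1 }'
}

# Constructed samples of `ss -ltn` output (not captured from a real host).
SAMPLE_SS_EXPOSED='State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
LISTEN 0      511          0.0.0.0:3000       0.0.0.0:*
LISTEN 0      511             [::]:3000          [::]:*'
SAMPLE_SS_LOCAL='State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
LISTEN 0      511        127.0.0.1:3000       0.0.0.0:*'

# Demo against the constructed samples. On a live host run:
#   ss -ltn | exposed_listener 3000 && echo "port 3000 reachable from other hosts"
if vulnerable_version "1.4.2"; then
  echo "1.4.2: vulnerable (older than $FIXED_VERSION)"
fi
if printf '%s\n' "$SAMPLE_SS_EXPOSED" | exposed_listener 3000; then
  echo "sample 1: port 3000 is bound to all interfaces"
fi
if ! printf '%s\n' "$SAMPLE_SS_LOCAL" | exposed_listener 3000; then
  echo "sample 2: port 3000 is loopback-only"
fi
```

`version_lt` relies on `sort -V` so that 1.10.0 is correctly treated as newer than 1.4.3; a plain string comparison would get that wrong.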
📡 Detection & Monitoring
Log Indicators:
- Unusual HTTP POST requests to MCPJam inspector endpoints
- Unexpected MCP server installation events
- Suspicious process creation from MCPJam inspector
Network Indicators:
- HTTP requests to port 3000 from non-loopback addresses, especially POSTs carrying server-installation payloads
- Outbound connections from MCPJam inspector to suspicious domains
SIEM Query (illustrative; the log source name, the `/install` path and the parent-process condition are placeholders to be replaced with the field values your deployment actually logs):
source="mcpjam-inspector.log" AND ((http_method="POST" AND uri="/install" AND NOT src_ip IN ("127.0.0.1", "::1")) OR (process_name="mcpjam" AND NOT parent_process IN ("<expected parent>")))
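The log indicators above, turned into runnable detection logic as an added example (not part of the original page or the MCPJam project). It assumes the inspector's HTTP access log is in Common Log Format and that installation requests contain "install" in the path; both are assumptions, since the page does not document the real log format or endpoint, and the sample log lines are constructed. Adjust the field positions and the path pattern to match what your deployment logs.

```shell
#!/bin/sh
# Added example: classify inspector access-log lines for CVE-2026-23744 triage.
# Assumption: Common Log Format, e.g.
#   CLIENT - - [TIMESTAMP] "METHOD PATH PROTO" STATUS BYTES

# Constructed sample log (not captured from a real host).
SAMPLE_LOG='127.0.0.1 - - [15/Jan/2026:10:00:01 +0000] "GET /api/servers HTTP/1.1" 200 512
203.0.113.7 - - [15/Jan/2026:10:00:05 +0000] "POST /api/servers/install HTTP/1.1" 200 88
127.0.0.1 - - [15/Jan/2026:10:00:09 +0000] "POST /api/servers/install HTTP/1.1" 200 88
198.51.100.4 - - [15/Jan/2026:10:00:12 +0000] "GET /health HTTP/1.1" 200 2'

# classify_requests: reads CLF lines on stdin and prints one finding per
# suspicious line.
#   HIGH   - any POST from a non-loopback client (the vulnerable endpoint needs
#            no authentication, so a remote POST is the primary indicator)
#   REVIEW - an install-path request from loopback (legitimate local use, but
#            worth checking against expected activity)
classify_requests() {
  awk '
    {
      client = $1
      method = $6; gsub(/"/, "", method)
      path   = $7
      loopback = (client == "127.0.0.1" || client == "::1" || client == "[::1]")
      if (method == "POST" && !loopback)
        print "HIGH   external POST from " client " to " path
      else if (path ~ /install/)
        print "REVIEW install request from " client " to " path
    }'
}

# count_findings LEVEL: number of findings at LEVEL (HIGH or REVIEW) for the
# log on stdin. grep -c prints 0 when nothing matches.
count_findings() {
  classify_requests | grep -c "^$1" || true
}

# Demo against the constructed sample. On a live host run:
#   classify_requests < /path/to/inspector-access.log
printf '%s\n' "$SAMPLE_LOG" | classify_requests
```

The loopback exemption is deliberate: the advisory's own workaround is to bind to 127.0.0.1, so after mitigation every legitimate request is local and any external POST that still appears in the log means the restriction is not in effect.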