CNNVD-202601-2740 Information

CNNVD ID

CNNVD-202601-2740

Related CVE

CVE-2026-23744

• CNNVD Published: 2026-01-16

Description (Chinese)

MCPJam Inspector是MCPJam开源的一个针对模型上下文协议的开源调试与质量分析工具。 MCPJam inspector 1.4.2及之前版本存在安全漏洞，该漏洞源于特制HTTP请求可触发MCP服务器安装，可能导致远程代码执行。

Description (English)

MCPJam Inspector is an open source debugging and quality analysis tool for the MCPJam open source for model context protocols. There is a security loophole in MCPJam inspector 1.4.2 and earlier versions, which stems from the request of the specially designed HTTP to trigger the installation of the MCP server, which may result in remote code implementation.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

MCPJam

Published

2026-01-16

Last Modified

2026-02-24

References

https://github.com/MCPJam/inspector/commit/e6b9cf9d9e6c9cbec31493b1bdca3a1255fe3e7a https://github.com/MCPJam/inspector/security/advisories/GHSA-232v-j27c-5pp6 https://access.redhat.com/security/cve/cve-2026-23744

Patch

https://www.mcpjam.com/