EUVD-2026-20623

🗓️ 08 Apr 2026 21:33:33Reported by EUVDType

Vulnerability in idachev mcp-javadc up to 1.2.4 enables remote OS command injection via jarFilePath in interface.

Reporter	Title	Published	Views	Family All 10
ATTACKERKB	CVE-2026-5802	8 Apr 202620:00	–	attackerkb
Circl	CVE-2026-5802	9 Apr 202601:27	–	circl
CNNVD	MCP Java Decompiler Server 操作系统命令注入漏洞	8 Apr 202600:00	–	cnnvd
CVE	CVE-2026-5802	8 Apr 202620:00	–	cve
Cvelist	CVE-2026-5802 idachev mcp-javadc HTTP os command injection	8 Apr 202620:00	–	cvelist
NVD	CVE-2026-5802	8 Apr 202620:16	–	nvd
Positive Technologies	PT-2026-31446	8 Apr 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-5802	11 Apr 202601:21	–	redhatcve
Snyk	Arbitrary Command Injection	8 Apr 202621:10	–	snyk
Vulnrichment	CVE-2026-5802 idachev mcp-javadc HTTP os command injection	8 Apr 202620:00	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "bec8ee1b-1bf0-3ffe-b6f0-bddcce7a96f3",
        "vendor": {
          "name": "idachev"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "02912e8b-b8e1-3cfc-8f3d-88409a73fb8c",
        "product": {
          "name": "mcp-javadc"
        },
        "product_version": "1.2.0"
      },
      {
        "id": "650dffc2-acc8-3d30-8fef-c2a8d8bb7ddc",
        "product": {
          "name": "mcp-javadc"
        },
        "product_version": "1.2.2"
      },
      {
        "id": "712a8363-828f-3a18-8ec6-c467359ba687",
        "product": {
          "name": "mcp-javadc"
        },
        "product_version": "1.2.4"
      },
      {
        "id": "9300bdc0-1886-3d50-a0fc-1ec8220e5eb0",
        "product": {
          "name": "mcp-javadc"
        },
        "product_version": "1.2.3"
      },
      {
        "id": "dd0805be-c1fa-355e-9382-6bbdce05d401",
        "product": {
          "name": "mcp-javadc"
        },
        "product_version": "1.2.1"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/vuln/356241
vuldb	www.vuldb.com/vuln/356241/cti
vuldb	www.vuldb.com/submit/786974
github	www.github.com/idachev/mcp-javadc/issues/7
github	www.github.com/BruceJqs/public_exp/issues/2
github	www.github.com/idachev/mcp-javadc/
nvd	www.nvd.nist.gov/vuln/detail/CVE-2026-5802

08 Apr 2026 21:33Current

5.6Medium risk

Vulners AI Score5.6

CVSS 46.9

CVSS 3.17.3

CVSS 27.5

CVSS 37.3

EPSS0.00403