
2382 matches found

RedhatCVE
added 3 hours ago | 0 views

CVE-2026-45577

Neotoma provides versioned records that persist across agent runs. From 0.6.0 to before 0.11.1, Neotoma can treat public reverse-proxied requests as local when the app receives them over a loopback socket and no Bearer token is present. In affected deployments, the REST auth middleware can resolv...

CVSS 6.9 | EPSS 0.00054
Exploits 0 | References 1

GithubExploit
added 15 hours ago | 27 views

Exploit for Missing Authentication for Critical Function in Mcpjam Inspector

cve-2026...

CVSS 9.8 | AI score 5.4 | EPSS 0.30368
Exploits 27

Nuclei
added 19 hours ago | 19 views

MCP Inspector < 0.14.0 Unauthenticated Remote Code Execution

The MCP inspector is a developer tool for testing and debugging MCP servers. Versions of MCP Inspector below 0.14.1 are vulnerable to remote code execution due to lack of authentication between the Inspector client and proxy, allowing unauthenticated requests to launch MCP commands over stdio. id...

CVSS 9.4 | AI score 8.8 | EPSS 0.0257
Exploits 0 | References 5

OSV
added yesterday | 3 views

ROOT-APP-NPM-CVE-2025-49596 CVE-2025-49596 in @rootio/modelcontextprotocol__inspector - Patched by Root

Root has patched CVE-2025-49596 in the @rootio/modelcontextprotocol__inspector package for Root:npm. Multiple fixed versions available...

CVSS 9.4 | AI score 7.5 | EPSS 0.0257
Exploits 0

Nuclei
added yesterday | 43 views

MCPJam Inspector - Remote Code Execution

MCPJam Inspector is the local-first development platform for MCP servers. The latest version, 1.4.2, and earlier are vulnerable to a remote code execution (RCE) vulnerability, which allows an attacker to send a crafted HTTP request that triggers the installation of an MCP server, leading to RCE. id:...

CVSS 9.8 | AI score 6.6 | EPSS 0.30368
Exploits 27 | References 3

GithubExploit
added 2 days ago | 61 views

Exploit for Missing Authentication for Critical Function in Mcpjam Inspector

CVE-2026-23744 — MCPJam Unauthenticated Remote Code Execution...

CVSS 9.8 | AI score 6.2 | EPSS 0.30368
Exploits 27

Packet Storm
added 2 days ago | 29 views

📄 MCPJam Inspector 1.4.2 Command Injection

This is an advanced Python proof of concept for CVE-2026-23744 demonstrating command injection through a vulnerable MCP API endpoint, leading to remote code execution and reverse shell access. The script supports multiple payload types, endpoint discovery, listener management, and several...

CVSS 9.8 | AI score 6.6 | EPSS 0.30368
Exploits 27

Packet Storm News
added 2 days ago | 2 views

MCPJam Inspector 1.4.2 Defensive API Security Assessment Tool

This Python-based defensive auditing tool evaluates the exposure and security posture of MCP-related API endpoints in a controlled and authorized environment. It is designed to assist security teams in identifying insecure API configurations, exposed execution interfaces, and potential operationa...

AI score 5.9
Exploits 0

GithubExploit
added 3 days ago | 63 views

Exploit for Missing Authentication for Critical Function in Mcpjam Inspector

CVE-2026-23744 - MCPJam Inspector RCE PoC Proof of Concept ex...

CVSS 9.8 | AI score 6 | EPSS 0.30368
Exploits 27

GithubExploit
added 3 days ago | 44 views

Exploit for Missing Authentication for Critical Function in Mcpjam Inspector

CVE-2026-23744 --- Description MCPJam inspector is a loca...

CVSS 9.8 | AI score 6.6 | EPSS 0.30368
Exploits 27

GithubExploit
added 3 days ago | 52 views

Exploit for Missing Authentication for Critical Function in Mcpjam Inspector

No d...

CVSS 9.8 | AI score 6 | EPSS 0.30368
Exploits 27

GithubExploit
added 4 days ago | 63 views

Exploit for Missing Authentication for Critical Function in Mcpjam Inspector

on kali linux - terminal 1...

CVSS 9.8 | AI score 6 | EPSS 0.30368
Exploits 27

GithubExploit
added 5 days ago | 64 views

Exploit for Missing Authentication for Critical Function in Mcpjam Inspector

usage: exploit.py -h --lhost LHOST --lport LPOR...

CVSS 9.8 | AI score 6 | EPSS 0.30368
Exploits 27

GithubExploit
added 5 days ago | 55 views

Exploit for Missing Authentication for Critical Function in Mcpjam Inspector

CVE-2026-23744 — MCPJam Inspector Unauthenticated RCE !Pytho...

CVSS 9.8 | AI score 6 | EPSS 0.30368
Exploits 27

GithubExploit
added 5 days ago | 138 views

Exploit for Missing Authentication for Critical Function in Mcpjam Inspector

HackTheBox — DevHub CVE-2026-23744 | MCPJam Inspector Unaut...

CVSS 9.8 | AI score 6 | EPSS 0.30368
Exploits 27

GithubExploit
added 5 days ago | 54 views

Exploit for Missing Authentication for Critical Function in Mcpjam Inspector

CVE-2026-23744 !Image althttps...

CVSS 9.8 | AI score 6 | EPSS 0.30368
Exploits 27

GithubExploit
added 6 days ago | 62 views

Exploit for Missing Authentication for Critical Function in Mcpjam Inspector

No d...

CVSS 9.8 | AI score 6 | EPSS 0.30368
Exploits 27

GithubExploit
added 6 days ago | 71 views

Exploit for Missing Authentication for Critical Function in Mcpjam Inspector

No d...

CVSS 9.8 | AI score 6 | EPSS 0.30368
Exploits 27

Github Security Blog
added 2026/05/29 5:59 p.m. | 7 views

NodeVM builtin denylist bypass via process and inspector/promises allows host code execution

Summary: NodeVM blocks several dangerous Node.js builtins such as module, worker_threads, cluster, vm, repl, and inspector. However, the denylist misses process and inspector/promises. Both can be used from sandboxed code to reach host-side execution primitives. This allows sandboxed code to bypass...

AI score 6.3
Exploits 0 | References 4 | Affected Software 1

Snyk
added 2026/05/29 5:59 p.m. | 6 views

Incomplete List of Disallowed Inputs

Overview vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs via the builtin allowlist handling in lib/builtin.js. An attacker can reach host code by requiring process and...

CVSS 9.9 | AI score 6.2
Exploits 0 | References 3