CVE-2026-23744: When 'Developer Experience' Becomes 'Attacker Experience'
Jan 16, 2026
Executive Summary (TL;DR)
MCPJam Inspector versions <= 1.4.2 bind a sensitive API endpoint to 0.0.0.0 by default. This endpoint, /api/mcp/connect, allows unauthenticated users to spawn arbitrary system processes via a JSON payload. Attackers can exploit this to achieve immediate RCE. The fix in 1.4.3 restricts the binding to localhost (127.0.0.1), but fails to implement authentication, leaving the door ajar for local privilege escalation or DNS rebinding attacks.
A critical Remote Code Execution vulnerability in MCPJam Inspector turns a helpful developer tool into an open door for remote attackers. By combining a dangerous feature—arbitrary process spawning—with an insecure default network configuration, the application allowed anyone with network visibility to execute commands on the host machine without authentication.
Technical Appendix
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Systems
Affected Versions Detail
| Product | Vendor | Affected Versions | Fixed Version |
|---|---|---|---|
| MCPJam Inspector | MCPJam | <= 1.4.2 | 1.4.3 |
| Attribute | Detail |
|---|---|
| CWE ID | CWE-306 (Missing Authentication) |
| Attack Vector | Network (AV:N) |
| CVSS | 9.8 (Critical) |
| Impact | Remote Code Execution (RCE) |
| Port | 6274 (Default) |
| Protocol | HTTP / JSON |
MITRE ATT&CK Mapping
CWE-306 (Missing Authentication for Critical Function): the software does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.