MCPJam/inspector

Releases167

Frequency2 days 7 hours

Last Release about 13 hours ago

Stars2.01K

Testing and evaluation platform to chat, inspect, and debug MCP servers, MCP apps, and ChatGPT apps.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2026-23744 ↗	Jan 16, 2026Friday, 16 January 2026, 20:15	9.8 CRITICAL	—
MCPJam inspector is the local-first development platform for MCP servers. Versions 1.4.2 and earlier are vulnerable to remote code execution (RCE) vulnerability, which allows an attacker to send a crafted HTTP request that triggers the installation of an MCP server, leading to RCE. Since MCPJam inspector by default listens on 0.0.0.0 instead of 127.0.0.1, an attacker can trigger the RCE remotely via a simple HTTP request. Version 1.4.3 contains a patch.