CVE-2026-5802 | idachev mcp-javadc up to 1.2.4 HTTP Interface jarFilePath os command injection

Inserito da Angelo Barbosa | Apr 8, 2026 | CVE

A vulnerability labeled as critical has been found in idachev mcp-javadc up to 1.2.4. Impacted is an unknown function of the component HTTP Interface. Such manipulation of the argument jarFilePath leads to os command injection.

This vulnerability is referenced as CVE-2026-5802. It is possible to launch the attack remotely. Furthermore, an exploit is available.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-5802 | idachev mcp-javadc up to 1.2.4 HTTP Interface jarFilePath os command injection

Post correlati

CVE-2024-34011 | Acronis Cyber Protect Cloud Agent prior 37758 Folder default permission

CVE-2025-15087 | youlaitech youlai-mall 1.0.0/2.0.0 OrderController.java submitOrderPayment orderSn improper authorization

CVE-2025-31359 | Parallels Desktop 20.2.2 (55879) on macOS PVMP Package Unpacking path traversal (TALOS-2025-2160 / EUVD-2025-16718)

CVE-2024-13659 | Listamester Plugin up to 2.3.4 on WordPress cross site scripting