CVE-2026-5802
OS Command Injection in idachev MCP-JavaDC HTTP Interface

Publication date: 2026-04-08

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was identified in idachev mcp-javadc up to version 1.2.4. An unknown function of the HTTP Interface component is affected. Manipulation of the argument jarFilePath leads to OS command injection. The attack can be launched remotely. An exploit is publicly available and may be in use. The project was informed of the problem early through an issue report but has not responded yet.
Meta Information
Published: 2026-04-08
Last Modified: 2026-04-29
Generated: 2026-06-16
AI Q&A: 2026-04-08
EPSS Evaluated: 2026-06-15
Affected Vendors & Products (1 associated CPE)
Vendor: idachev
Product: mcp-javadc
Version / Range: up to and including 1.2.4
CWE
CWE ID / Description
CWE-77: The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
CWE-78: The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
Executive Summary

CVE-2026-5802 is a command injection vulnerability in the idachev mcp-javadc project up to version 1.2.4. It arises from unsafe handling of the jarFilePath argument in the decompile-from-jar tool exposed via the MCP/HTTP interface. The jarFilePath parameter is directly embedded into shell commands without proper sanitization, allowing an attacker to inject arbitrary OS commands.

An attacker with network access to the MCP/HTTP interface can remotely execute arbitrary system commands with the privileges of the server process by crafting malicious requests that break out of the quoted shell command context.

Exploitation has been demonstrated by executing commands like 'id' to reveal user identity information, confirming the ability to run arbitrary commands on the host.

Compliance Impact

The vulnerability allows remote attackers to execute arbitrary system commands on the affected host, leading to full host compromise. This includes the ability to read sensitive files, secrets, environment variables, and accessible data, as well as modify files and disrupt services.

Such unauthorized access and control over the system can result in breaches of confidentiality, integrity, and availability of data, which are critical requirements under common standards and regulations like GDPR and HIPAA.

Specifically, the exposure of sensitive personal data or protected health information due to this vulnerability could lead to non-compliance with GDPR's data protection principles and HIPAA's security rules, potentially resulting in legal and financial penalties.

Therefore, until this vulnerability is mitigated, systems using the affected software may be at risk of violating these compliance requirements.

Impact Analysis

This vulnerability can have severe impacts including full host compromise. An attacker can execute arbitrary commands on the affected system, leading to:

  • Confidentiality loss: reading sensitive files, secrets, environment variables, and data accessible to the server.
  • Integrity loss: modifying files, configurations, or downstream systems.
  • Availability disruption: disrupting services, consuming resources, or executing destructive commands.

Because the vulnerability affects the entire host system where the server runs, it can lead to complete system compromise.

Detection Guidance

This vulnerability can be detected by attempting to exploit the command injection via the vulnerable HTTP interface, specifically by sending crafted JSON-RPC requests to the `tools/call` endpoint with the method `decompile-from-jar` and a malicious `jarFilePath` parameter.

A proof-of-concept command involves sending a JSON-RPC request that injects shell commands, such as the `id` command, to verify if arbitrary command execution is possible.

Example detection approach using curl to send a malicious payload:

  • curl -X POST http://<target-host>/tools/call -H 'Content-Type: application/json' -d '{"jsonrpc":"2.0","id":1,"method":"tools/call","params":{"name":"decompile-from-jar","arguments":{"jarFilePath":"/tmp/a\" ; id >&2 ; \"","className":"com.example.Foo"}}}'

If the response or error output includes user identity information (output of the `id` command), it confirms the presence of the command injection vulnerability.

Mitigation Strategies

Immediate mitigation steps include restricting or disabling access to the vulnerable MCP/HTTP interface to prevent remote exploitation.

Implement network-level controls such as firewall rules or access control lists to limit access to trusted users only.

If possible, temporarily disable or block the `decompile-from-jar` method or the entire `tools/call` endpoint until a patch or fix is available.

Apply application-level mitigations such as:

  • Remove free-form shell command execution from request handlers.
  • Replace direct shell execution with a fixed allowlist of commands and strict argument validation.
  • Use safer Node.js APIs like `spawn` or `execFile` with argument arrays and without `shell: true`.
  • Implement authentication, authorization, audit logging, and rate limiting on sensitive MCP/HTTP endpoints.

Monitor for any suspicious activity or exploitation attempts in logs and network traffic.
