{"vulnerability": "cve-2026-23744", "sightings": [{"uuid": "eb1841ec-8b51-41b9-a044-104263f71a85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3memetavadf2k", "content": "", "creation_timestamp": "2026-02-11T21:03:13.780474Z"}, {"uuid": "98a33c20-d985-4cc8-bb74-6e09b496dc5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://bsky.app/profile/thehackerwire.bsky.social/post/3mckxoqvf4c2z", "content": "", "creation_timestamp": "2026-01-16T20:44:47.944411Z"}, {"uuid": "5e80fee2-fb64-4059-8690-b4553291ece0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mfn2uadnmz2j", "content": "", "creation_timestamp": "2026-02-24T21:02:30.304983Z"}, {"uuid": "7671f05f-633f-4592-baf0-8b64935249be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mclbafogn52r", "content": "", "creation_timestamp": "2026-01-16T23:35:43.746459Z"}, {"uuid": "7726a3c5-f8e8-44d3-9c6a-06043ed46a2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/115935997438542873", "content": "", "creation_timestamp": "2026-01-22T00:48:52.671464Z"}, {"uuid": "27739e01-65f7-455f-ace3-ee6002066f42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/115936006347966952", "content": "", "creation_timestamp": "2026-01-22T00:51:09.786979Z"}, {"uuid": "c3388019-1a2e-4de3-b1d3-0c283b2f72e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "published-proof-of-concept", "source": "Telegram/4Dok0lwX_JBk164h58WI7MYFHPq5Lse38n7xHVnp6ML19Yk", "content": "", "creation_timestamp": "2026-03-27T21:00:04.000000Z"}, {"uuid": "3089ac56-d04e-49f4-bebf-18a66f00784b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-03)", "content": "", "creation_timestamp": "2026-04-03T00:00:00.000000Z"}, {"uuid": "bbf017eb-09fd-4f77-9acb-60ed2471fa3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-03)", "content": "", "creation_timestamp": "2026-04-03T00:00:00.000000Z"}, {"uuid": "44b01352-576d-41f7-9786-9c74fe445c64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "published-proof-of-concept", "source": "Telegram/NQOCep9JXuunt-IAyUJYpZHdpB1OmZjsgFCnwZQxWJWW2jY", "content": "", "creation_timestamp": "2026-04-10T09:00:05.000000Z"}, {"uuid": "f154430f-8021-46da-8e67-e12d76b62a7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://gist.github.com/alon710/0b21758440be51f5aa5777ceee2d957c", "content": "", "creation_timestamp": "2026-01-24T21:24:05.000000Z"}, {"uuid": "111715f1-da1a-4516-b6ca-83551678a8ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://gist.github.com/alon710/823a3bbfcca3d099b34e9d463edcf770", "content": "", "creation_timestamp": "2026-01-24T22:29:01.000000Z"}, {"uuid": "2b964c1f-072e-4872-8950-150ad45b514e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://gist.github.com/alon710/e88d8d0be10139f637b6f94a8ceb8766", "content": "", "creation_timestamp": "2026-01-24T22:28:58.000000Z"}, {"uuid": "35af05a5-b8cb-4c29-bbbd-e3508f87b1d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-01)", "content": "", "creation_timestamp": "2026-04-01T00:00:00.000000Z"}, {"uuid": "6758a9d5-4996-452c-83e0-09b0e49c25f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/79702", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a exploit-CVE-2026-23744\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a luiskrnr\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a None\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-04-10 05:57:10\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nMCPJam Inspector is a local-first development platform for MCP servers. In versions 1.4.2 (and earlier), a RCE flaw lets attackers send crafted HTTP request that installs an MCP server and runs code remotely, because the service listens on 0.0.0.0 (instead of 127.0.0.1) by default.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-04-10T06:00:04.000000Z"}, {"uuid": "5cadf1ef-c5ec-4287-9596-5ad43663ef13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "published-proof-of-concept", "source": "Telegram/GTcyuS7tJ_1o48Qpvj3yt6_sMu_d2tWC8nNXcWvEXpiRzjo", "content": "", "creation_timestamp": "2026-03-29T21:00:05.000000Z"}, {"uuid": "023ae372-0e60-4de3-b621-a6169a58080c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/76866", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-23744\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a FrenzisRed\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-03-23 18:45:20\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-23744 - MCPJam inspector Remote-Code-Execution: Proof Of Concept (POC\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-03-23T19:00:04.000000Z"}, {"uuid": "d7bf6dd9-3915-4c31-b133-c83fa31c027f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/77536", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-23744-script\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a goosesmitty\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-03-27 15:58:37\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nExploit script for CVE-2026-23744\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-03-27T16:00:04.000000Z"}, {"uuid": "d139a9d7-feb3-4f93-a805-1358a15d9ff6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/77842", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-23744\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a CyLock11\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-03-29 16:34:12\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-23744 - MCP Connect RCE via Unauthenticated Command Injection\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-03-29T17:00:04.000000Z"}, {"uuid": "9f064f9f-58a6-41f0-bf40-cc5d3d31c12a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "Telegram/Y_xNc4JrZ-tyC3UP8KNp3mHZkpQBlpIA1IgeHuDgcQrNJTo", "content": "", "creation_timestamp": "2026-05-10T21:00:05.000000Z"}, {"uuid": "20a9a40d-97c1-46dd-aa2f-52fd5ecee948", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://t.me/true_secator/8183", "content": "\u0421\u043e\u043b\u0430\u0440\u044b \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u043e\u0442\u0447\u0435\u0442 \u0441 \u043e\u0431\u0437\u043e\u0440\u043e\u043c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0432 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2026 \u0433\u043e\u0434\u0430, \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u0439 \u043d\u0430 \u043b\u0430\u043d\u0434\u0448\u0430\u0444\u0442\u0435 \u0443\u0433\u0440\u043e\u0437 \u044d\u0442\u043e\u0433\u043e \u0442\u0438\u043f\u0430.\n\n\u041e\u0442\u043c\u0435\u0442\u0438\u043c \u043a\u043b\u044e\u0447\u0435\u0432\u044b\u0435 \u0432\u044b\u0432\u043e\u0434\u044b:\n\n- \u041a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2026 \u0433\u043e\u0434\u0430 \u043f\u043e \u0441\u0440\u0430\u0432\u043d\u0435\u043d\u0438\u044e \u0441 \u0447\u0435\u0442\u0432\u0435\u0440\u0442\u044b\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u043e\u043c 2025 \u0433\u043e\u0434\u0430 \u0432\u044b\u0440\u043e\u0441\u043b\u043e \u043d\u0430 7% - \u0441 397 \u0434\u043e 426. \u0412 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u0440\u043e\u0441\u0442 \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d \u0442\u0435\u043c \u0444\u0430\u043a\u0442\u043e\u043c, \u0447\u0442\u043e \u043c\u043d\u043e\u0433\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f \u043e \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435 \u043f\u043e\u044f\u0432\u0438\u043b\u0438\u0441\u044c \u0432 2026 \u0433\u043e\u0434\u0443, \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0435\u0449\u0435 \u0432 2025 \u0433\u043e\u0434\u0443.\n\n- \u0421\u0435\u0442\u0435\u0432\u043e\u0439 \u0432\u0435\u043a\u0442\u043e\u0440 \u0438\u043c\u0435\u043b\u0438 83,84% \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u0412 \u0447\u0435\u0442\u0432\u0435\u0440\u0442\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430 \u044d\u0442\u043e\u0442 \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u043b 81%.\n\n- \u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0441\u043e\u0441\u0442\u0430\u0432\u0438\u043b 8,1 \u0431\u0430\u043b\u043b\u0430. \u0412 \u0447\u0435\u0442\u0432\u0435\u0440\u0442\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 - 7,8, \u0430 \u0433\u043e\u0434\u043e\u043c \u0440\u0430\u043d\u0435\u0435, \u043f\u043e \u0438\u0442\u043e\u0433\u0430\u043c \u043f\u0435\u0440\u0432\u043e\u0433\u043e \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0430 2025 \u0433\u043e\u0434\u0430, - 7,3.\n\n- 91,62% \u0432\u0441\u0435\u0445 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0447\u0435\u0440\u0435\u0437 HTTP. \u0411\u043b\u0438\u0436\u0430\u0439\u0448\u0438\u0439 \u00ab\u043f\u0440\u0435\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u00bb - TCP (3,07%).\n\n- \u041d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0440\u043e\u0432\u043d\u044f Critical \u0438 High \u0432 \u0441\u043e\u0432\u043e\u043a\u0443\u043f\u043d\u043e\u0441\u0442\u0438 \u043f\u0440\u0438\u0448\u043b\u043e\u0441\u044c 72,06% - \u044d\u0442\u043e \u0437\u0430\u043c\u0435\u0442\u043d\u043e \u0432\u044b\u0448\u0435 \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f \u0447\u0435\u0442\u0432\u0435\u0440\u0442\u043e\u0433\u043e \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0430 2025 \u0433\u043e\u0434\u0430 (69,3%), \u043d\u043e \u043b\u0438\u0448\u044c \u043d\u0435 \u043d\u0430\u043c\u043d\u043e\u0433\u043e \u0432\u044b\u0448\u0435, \u0447\u0435\u043c \u0431\u044b\u043b\u043e \u0432 \u043f\u0435\u0440\u0432\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 (71,5%).\n\n-  \u0421\u0430\u043c\u044b\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u043c \u0443\u0436\u0435 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u043e\u0432 \u043f\u043e\u0434\u0440\u044f\u0434 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f WordPress \u0438 \u043f\u043b\u0430\u0433\u0438\u043d\u044b \u0434\u043b\u044f \u043d\u0435\u0433\u043e (18,13%).\n\n\u0414\u043e\u043b\u044f \u0442\u0430\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u043e\u0431\u0449\u0435\u043c \u043e\u0431\u044a\u0435\u043c\u0435 \u0432\u044b\u0440\u043e\u0441\u043b\u0430 \u043d\u0430 4,7 \u043f\u0440\u043e\u0446\u0435\u043d\u0442\u043d\u044b\u0445 \u043f\u0443\u043d\u043a\u0442\u0430 \u0432 \u0441\u0440\u0430\u0432\u043d\u0435\u043d\u0438\u0438 \u0441 \u0447\u0435\u0442\u0432\u0435\u0440\u0442\u044b\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u043e\u043c. \u041e\u0434\u043d\u0430\u043a\u043e \u0432 \u0441\u0440\u0430\u0432\u043d\u0435\u043d\u0438\u0438 \u0441 \u043f\u0435\u0440\u0432\u044b\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u043e\u043c, \u043a\u043e\u0433\u0434\u0430 \u043d\u0430 WordPress \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u043b\u043e\u0441\u044c 22,4% \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043e\u043d\u0430 \u0443\u043f\u0430\u043b\u0430.\n\n- \u041f\u043e\u0441\u043b\u0435 \u0441\u043f\u0430\u0434\u0430 \u0432 \u0447\u0435\u0442\u0432\u0435\u0440\u0442\u043e\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 \u0432\u043d\u043e\u0432\u044c \u0432\u0435\u0440\u043d\u0443\u043b\u0430\u0441\u044c \u043a \u0440\u043e\u0441\u0442\u0443 \u0434\u043e\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0418\u0418-\u0441\u0435\u0440\u0432\u0438\u0441\u0430\u0445.\n\n\u041d\u0430 \u043d\u0438\u0445 \u043f\u0440\u0438\u0448\u043b\u043e\u0441\u044c 4,83%. \u041f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u043e, \u0447\u0442\u043e \u0432 \u0441\u0440\u0435\u0434\u043d\u0435\u043c \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0442\u0430\u043a\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 - 9,2 \u0431\u0430\u043b\u043b\u0430. \u042d\u0442\u043e \u0441\u0430\u043c\u044b\u0439 \u0432\u044b\u0441\u043e\u043a\u0438\u0439 \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c \u0441\u0440\u0435\u0434\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432-\u043b\u0438\u0434\u0435\u0440\u043e\u0432 \u043f\u043e \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0443 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u0418\u0445 \u043d\u0430\u0445\u043e\u0434\u044f\u0442 \u0441\u0440\u0430\u0432\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u0434\u043a\u043e, \u043d\u043e \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0438\u0437 \u0442\u0430\u043a\u0438\u0445 \u0431\u0440\u0435\u0448\u0435\u0439 \u0438\u043c\u0435\u044e\u0442 \u0432\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u0438.\n\n\u041e\u0431\u0449\u0438\u043c \u0442\u0440\u0435\u043d\u0434\u043e\u043c \u043f\u0435\u0440\u0432\u043e\u0433\u043e \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0430 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u0435 \u0441\u043a\u0430\u043d\u0435\u0440\u043e\u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0434\u043b\u044f \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u0418\u0418-\u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432. \u0422\u0430\u043a, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u043e\u0434\u043d\u043e\u0433\u043e \u0438\u0437 \u043d\u0438\u0445, \u043d\u0430 \u043c\u0430\u0440\u0442 2026 \u0433. \u0432 AI-\u0430\u0433\u0435\u043d\u0442\u0435 OpenClaw \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442\u0441\u044f \u0431\u043e\u043b\u0435\u0435 522 CVE, \u0438 \u0435\u0436\u0435\u043d\u0435\u0434\u0435\u043b\u044c\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0430\u0437\u044b \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442\u0441\u044f, \u0447\u0442\u043e \u0433\u043e\u0432\u043e\u0440\u0438\u0442 \u043e \u043a\u0440\u0438\u0437\u0438\u0441\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 OpenClaw. ClawJacked - \u044d\u0442\u043e \u043d\u043e\u0432\u044b\u0439 \u0432\u0435\u043a\u0442\u043e\u0440 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 AI-\u0430\u0433\u0435\u043d\u0442.\n\n\u0412 1-\u043c \u043a\u0432\u0430\u0440\u0442\u0430\u043b\u0435 2026 \u0433. \u0440\u0435\u0439\u0442\u0438\u043d\u0433 \u0441\u0430\u043c\u044b\u0445 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0438\u0441\u0445\u043e\u0434\u044f \u0438\u0437 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0430 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432 \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c: CVE-2025-2304 (Camaleon CMS), CVE-2026-23744 (MCPJam Inspector), CVE-2026-21858 (n8n), CVE-2026-29000 (pac4j-jwt) \u0438 CVE-2026-21962 (Oracle Fusion Middleware).\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0430\u044f \u0438\u043d\u0444\u043e\u0433\u0440\u0430\u0444\u0438\u043a\u0430 \u0438 \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0430 - \u0432 \u043e\u0442\u0447\u0435\u0442\u0435.", "creation_timestamp": "2026-05-07T16:20:06.000000Z"}, {"uuid": "cafdb19a-e971-4e0e-b419-3a7c961ed105", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://t.me/GithubRedTeam/86593", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #RCE #CVE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a DevHub-HackTheBox-ss11\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a SuriyaBoon\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Unknown\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-30 22:03:44\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nHTB Season 11 \u2014 DevHub Writeup  Exploiting CVE-2026-23744 (MCPJam Inspector unauthenticated RCE via /api/mcp/connect) to gain initial foothold, then lateral movement through Jupyter Lab token leaked in systemd service file.  Stack: nginx \u00b7 MCPJam Inspector 1.4.2 \u00b7 Jupyter Lab \u00b7 OPSMCP (root)\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-30T22:06:26.000000Z"}, {"uuid": "788438ba-5df1-4dda-b92c-02bb336a1982", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://t.me/GithubRedTeam/84255", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a kobold\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a ledksv\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a None\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-14 21:56:27\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nKobold \u2014 HackTheBox Medium writeup: CVE-2026-23744, PrivateBin LFI, Docker group escape to root\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-14T22:00:04.000000Z"}, {"uuid": "688b930b-c8ab-405b-8b78-59e24cbe0155", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-23744", "type": "published-proof-of-concept", "source": "https://github.com/MCPJam/inspector/security/advisories/GHSA-232v-j27c-5pp6", "content": "", "creation_timestamp": "2026-01-16T19:35:41.000000Z"}, {"uuid": "05e34e80-a2cc-4d92-a7a5-a6c18a90cde1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://t.me/GithubRedTeam/86612", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-23744\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a p1ctur3p3rf3ct\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-31 02:22:26\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-23744 PoC\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-31T03:00:03.000000Z"}, {"uuid": "526a2228-6590-4c9c-b3d5-a94fc705fb05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/86676", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #RCE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-23744-RCE-for-MCPjam-inspector-v1.4.2\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a SrGinebras\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-31 12:59:17\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\n\u65e0\u63cf\u8ff0\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-31T13:00:04.000000Z"}, {"uuid": "b7aa9b94-0ed3-4266-a9ce-b903ea30f743", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://t.me/GithubRedTeam/86640", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #RCE\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a HTB-DevHub\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a thisisish\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-31 07:51:34\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-23744 RCE + Privilege Escalation\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-31T08:00:04.000000Z"}, {"uuid": "88bff29b-c6a2-45e4-9f56-af63f7ccad5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "seen", "source": "https://t.me/GithubRedTeam/86722", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-23744-POC\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a sbouabid-sec\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-31 17:30:27\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nCVE-2026-23744 \u2014 Proof of concept exploit for an unauthenticated Remote Code Execution vulnerability in MCPJam Inspector &lt;= 1.4.2. \n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-31T18:00:03.000000Z"}, {"uuid": "a85d6771-c8e4-4e6c-9b27-ce6eb2e93257", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-23744", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/86728", "content": "\ud83d\udea8 GitHub \u76d1\u63a7\u6d88\u606f\u63d0\u9192\n\n\ud83d\udea8 \u53d1\u73b0\u5173\u952e\u8bcd\uff1a #CVE-2026 #POC #Exploit\n\n\ud83d\udce6 \u9879\u76ee\u540d\u79f0\uff1a CVE-2026-23744\n\ud83d\udc64 \u9879\u76ee\u4f5c\u8005\uff1a Least-Significant-Bit\n\ud83d\udee0 \u5f00\u53d1\u8bed\u8a00\uff1a Python\n\u2b50 Star\u6570\u91cf\uff1a 0  |  \ud83c\udf74 Fork\u6570\u91cf\uff1a 0\n\ud83d\udcc5 \u66f4\u65b0\u65f6\u95f4\uff1a 2026-05-31 19:20:16\n\n\ud83d\udcdd \u9879\u76ee\u63cf\u8ff0\uff1a\nRemote Code Execution in MCPJam 1.4.2 and older.\n\n\ud83d\udd17 \u70b9\u51fb\u8bbf\u95ee\u9879\u76ee\u5730\u5740", "creation_timestamp": "2026-05-31T20:00:04.000000Z"}]}