CVE-2026-30616

Name of the Vulnerable Software and Affected Versions Jaaz version 1.0.30

Description An issue exists in the MCP STDIO command execution handling. A remote attacker can send crafted network requests to the network-accessible application, causing attacker-controlled commands to be executed on the server. Successful exploitation results in arbitrary command execution within the context of the service, potentially allowing full compromise of the affected system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.