CVE-2026-5802
Published: 08 April 2026
Summary
CVE-2026-5802 is a high-severity Command Injection (CWE-77) vulnerability. Its CVSS base score is 7.3 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 17.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
This vulnerability is AI-related — categorised as AI Agent Protocols and Integrations; in the Protocol-Specific Risks risk domain.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly mitigates OS command injection by requiring validation of untrusted HTTP inputs such as the jarFilePath argument in the vulnerable interface.
Requires timely identification, reporting, and correction of flaws like this command injection vulnerability in mcp-javadc versions up to 1.2.4.
Boundary protection at network interfaces can deploy web application firewalls to filter and block malicious jarFilePath payloads targeting the HTTP interface.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
OS command injection in public-facing HTTP interface directly enables T1190 (Exploit Public-Facing Application) and facilitates T1059 (Command and Scripting Interpreter) for arbitrary OS command execution.
NVD Description
A vulnerability was identified in idachev mcp-javadc up to 1.2.4. Impacted is an unknown function of the component HTTP Interface. Such manipulation of the argument jarFilePath leads to os command injection. It is possible to launch the attack remotely. The…
more
exploit is publicly available and might be used. The project was informed of the problem early through an issue report but has not responded yet.
Deeper analysisAI
CVE-2026-5802 is an OS command injection vulnerability affecting idachev mcp-javadc versions up to 1.2.4. The issue resides in an unknown function within the HTTP Interface component, where manipulation of the jarFilePath argument enables command injection. This flaw, classified under CWE-77 and CWE-78, carries a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) and was published on 2026-04-08.
Remote attackers require no privileges or user interaction to exploit this vulnerability over the network with low complexity. Successful exploitation allows limited impacts on confidentiality, integrity, and availability, potentially enabling arbitrary OS command execution on the affected system. A public exploit is available and might be used, as noted in related disclosures.
Advisories indicate the project was informed early via an issue report at https://github.com/idachev/mcp-javadc/issues/7 but has not responded. No patches or mitigations are mentioned in the available references, including VulDB entries at https://vuldb.com/vuln/356241 and https://vuldb.com/submit/786974. Security practitioners should monitor the repository at https://github.com/idachev/mcp-javadc/ for updates.
The exploit proof-of-concept is hosted at https://github.com/BruceJqs/public_exp/issues/2, highlighting active community awareness but no confirmed real-world exploitation at this time.
Details
- CWE(s)
AI Security AnalysisAI
- AI Category
- AI Agent Protocols and Integrations
- Risk Domain
- Protocol-Specific Risks
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- Matched keywords: mcp