Vulnerability in N/a

CVE-2026-30624

Agent Zero 0.9.8 contains a remote code execution vulnerability in its External MCP Servers configuration feature. The application allows users to define MCP servers using a JSON configuration containing arbitrary command and args values…

EPSS: 0.003 (55.6th percentile) — read the EPSS interpretation.

Affected products

  • N/a — versions n/a

References