CVE 8.6 HIGH

CVE-2026-30624_CVE-2026-30624

April 15, 2026 invoker category_cve

8.6 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Description

Agent Zero 0.9.8 contains a remote code execution vulnerability in its External MCP Servers configuration feature. The application allows users to define MCP servers using a JSON configuration containing arbitrary command and args values. These values are executed by the application when the configuration is applied without sufficient validation or restriction. An attacker may supply a malicious MCP configuration to execute arbitrary operating system commands, potentially resulting in remote code execution with the privileges of the Agent Zero process.

AI Analysis

Remote code execution vulnerability in Agent Zero's External MCP Servers configuration feature

Basic Information

ID CVE-2026-30624

Source mitre

Published Apr 15, 2026 at 00:00

Modified Apr 15, 2026 at 18:02

Affected Product

Vendor Ox Security

Product Agent Zero

Version 0.9.8

Affected Versions n/a n/a n/a

CWE Classification

CWE-77

AI Assessment

AI Score 8.6 / 10

AI Severity High

Vendor Ox Security

Product Agent Zero

Version 0.9.8

References

www.ox.security /blog/mcp-supply-chain-advisory-rce-vulnerabilities-across-the-ai-ecosystem/

{
    "lastseen": "",
    "description": "Agent Zero 0.9.8 contains a remote code execution vulnerability in its External MCP Servers configuration feature. The application allows users to define MCP servers using a JSON configuration containing arbitrary command and args values. These values are executed by the application when the configuration is applied without sufficient validation or restriction. An attacker may supply a malicious MCP configuration to execute arbitrary operating system commands, potentially resulting in remote code execution with the privileges of the Agent Zero process.",
    "published": "2026-04-15T00:00:00.000Z",
    "modified": "2026-04-15T18:02:40.808Z",
    "type": "cve",
    "title": "CVE-2026-30624",
    "source": "mitre",
    "references": "https://www.ox.security/blog/mcp-supply-chain-advisory-rce-vulnerabilities-across-the-ai-ecosystem/",
    "id": "CVE-2026-30624",
    "bulletinFamily": "",
    "cwe": [
        "CWE-77"
    ],
    "cvelist": null,
    "sourceData": "n/a n/a n/a",
    "sourceHref": "",
    "cvss": {
        "score": 8.6,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Agent Zero",
    "version": "0.9.8",
    "vendor": "Ox Security",
    "ai_description": "Remote code execution vulnerability in Agent Zero's External MCP Servers configuration feature",
    "ai_severity": "High",
    "ai_vendor": "Ox Security",
    "ai_product": "Agent Zero",
    "ai_version": "0.9.8",
    "ai_score": 8.6
}

💭 Join the Security Discussion ❌ Cancel Reply