HTB DevHub (Medium): CVE-2026-23744 → JupyterLab WebSocket RCE → Hidden MCP Tool to Root
An unauthenticated RCE in MCPJam Inspector (CVE-2026-23744) provides initial access. A JupyterLab token exposed in process arguments enables lateral movement via a raw WebSocket client. Reading the source code of an internal MCP server reveals a hidden tool that dumps root's SSH private key.
