Exploit for OS Command Injection in Arcane CVE-2026-23520

Name: Exploit for OS Command Injection in Arcane CVE-2026-23520
Rating: 5 (174 reviews)

2026-03-21 | CVSS 9.0

## https://sploitus.com/exploit?id=70FAAA84-6EB3-502C-AF9E-17F065E11C75
# CVE-2026-23520
A proof‑of‑concept exploit demonstrating unauthenticated remote command execution in Arcane MCP (CVE‑2026‑23520) via the /api/mcp/connect endpoint.

## Usage
```bash
git clone https://github.com/0xzap/CVE-2026-23520.git
python3 cve-2026-23520.py    
```