modelcontextprotocol
AI / ML, oss-project
Latest CVEs
The 15 most recently published vulnerabilities affecting modelcontextprotocol.
- CVE-2026-44428 (score 4.7): MCP Registry: GitHub OIDC tokens replayable across registry deployments due to shared audience
- CVE-2026-44429 (score 5.4): MCP Registry: Stored XSS in catalogue UI via attribute-quote breakout in publisher-controlled `websiteUrl`
- CVE-2026-44430 (score 4.0): MCP Registry: Unauthenticated SSRF: HTTP namespace verification dials 6to4 / NAT64 / site-local IPv6 addresses, bypassing private-address allowlist
- CVE-2026-45781 (score 3.5): MCP Registry: OCI ownership validation fails open on upstream rate limits, allowing attacker-controlled package claims
- CVE-2026-42559 (score 8.8): RMCP: DNS rebinding vulnerability in rmcp Streamable HTTP server transport
- CVE-2026-35568 (score 5.7): MCP Java SDK has a DNS rebinding vulnerability
- CVE-2026-34742 (score 8.1): Model Context Protocol Go SDK: DNS rebinding protection disabled by default for servers running on localhost
- CVE-2026-34237 (score 6.1): MCP Java SDK has a hardcoded wildcard CORS header (Access-Control-Allow-Origin: *)
- CVE-2026-33946 (score 5.9): MCP Ruby SDK: Insufficient session binding allows SSE stream hijacking via session ID replay
- CVE-2026-33252 (score 7.1): MCP Go SDK allows cross-site tool execution for HTTP servers without authorization
- CVE-2026-27896 (score 7.5): MCP Go SDK vulnerable to improper handling of case sensitivity
- CVE-2026-27735 (score 6.5): mcp-server-git: Path traversal in git_add allows staging files outside repository boundaries
- CVE-2026-25536 (score 7.1): @modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse
- CVE-2025-68145 (score 9.1): mcp-server-git has missing path validation when using --repository flag
- CVE-2025-68144 (score 7.1): mcp-server-git argument injection in git_diff and git_checkout functions allows overwriting local files
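Four of the entries above (the rmcp, Java SDK and Go SDK DNS rebinding issues, the wildcard CORS header, and cross-site tool execution) share one root cause: a Streamable HTTP server bound to localhost accepting whatever Host and Origin headers arrive. The following Go middleware is an added example, not code from the modelcontextprotocol Go SDK or any other SDK on this page; `HostGuard`, `NewHostGuard`, `Check` and the handler names are chosen here. It allowlists the Host header (so a hostname that an attacker has rebound to 127.0.0.1 is refused before any JSON-RPC is parsed), allowlists the Origin header when a browser sends one, and echoes only the vetted origin instead of `*`.

```go
package main

import (
	"log"
	"net"
	"net/http"
	"net/url"
	"strings"
)

// HostGuard wraps an MCP Streamable HTTP handler that listens on localhost and
// rejects requests whose Host or Origin header does not name the server itself.
// Both headers are set by the browser, not by attacker page script: a page on
// evil.example whose DNS record has been rebound to 127.0.0.1 still arrives with
// Host: evil.example:3000 and Origin: http://evil.example:3000.
type HostGuard struct {
	hosts   map[string]bool // host names and IP literals, lower-case, no port
	origins map[string]bool // scheme://host[:port], lower-case
	next    http.Handler
}

// NewHostGuard builds the guard from explicit allowlists (hypothetical helper).
func NewHostGuard(next http.Handler, hosts, origins []string) *HostGuard {
	g := &HostGuard{hosts: map[string]bool{}, origins: map[string]bool{}, next: next}
	for _, h := range hosts {
		g.hosts[strings.ToLower(h)] = true
	}
	for _, o := range origins {
		g.origins[strings.ToLower(o)] = true
	}
	return g
}

// hostName strips an optional port and IPv6 brackets from a Host header value.
func hostName(hostport string) string {
	if h, _, err := net.SplitHostPort(hostport); err == nil {
		return strings.ToLower(h)
	}
	return strings.ToLower(strings.TrimSuffix(strings.TrimPrefix(hostport, "["), "]"))
}

// Check returns the status to reject with and the reason, or 0 if the request passes.
func (g *HostGuard) Check(r *http.Request) (int, string) {
	if !g.hosts[hostName(r.Host)] {
		return http.StatusForbidden, "Host header not in allowlist: " + r.Host
	}
	// Browsers attach Origin to cross-origin requests and to POSTs. "null" and
	// malformed values have no scheme or host after url.Parse and are rejected.
	if origin := r.Header.Get("Origin"); origin != "" {
		u, err := url.Parse(origin)
		if err != nil || u.Scheme == "" || u.Host == "" ||
			!g.origins[strings.ToLower(u.Scheme+"://"+u.Host)] {
			return http.StatusForbidden, "Origin not in allowlist: " + origin
		}
	}
	return 0, ""
}

func (g *HostGuard) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	if status, reason := g.Check(r); status != 0 {
		http.Error(w, reason, status)
		return
	}
	if origin := r.Header.Get("Origin"); origin != "" {
		// Echo the vetted origin; a wildcard would let any site read the stream.
		w.Header().Set("Access-Control-Allow-Origin", origin)
		w.Header().Add("Vary", "Origin")
	}
	g.next.ServeHTTP(w, r)
}

func main() {
	// Placeholder endpoint standing in for the real MCP handler (constructed).
	mcp := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		w.Header().Set("Content-Type", "application/json")
		w.Write([]byte(`{"jsonrpc":"2.0","id":1,"result":{}}`))
	})
	guard := NewHostGuard(mcp,
		[]string{"localhost", "127.0.0.1", "::1"},
		[]string{"http://localhost:3000", "http://127.0.0.1:3000"})
	// Bind to the loopback address explicitly; the header guard is the second line.
	log.Fatal(http.ListenAndServe("127.0.0.1:3000", guard))
}
```

The Host check is what defeats rebinding: the attacker controls the DNS answer but not the Host header the browser sends. The Origin check and the echoed CORS header stop a cross-site page from reading responses, but neither is a substitute for authenticating the client; a localhost server that any local process can reach still needs a session token or equivalent.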
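The registry SSRF entry above describes an allowlist that blocked private IPv4 but let the verification request dial 6to4, NAT64 and site-local IPv6 forms of the same internal hosts. The Go check below is an added example, not code from the MCP Registry; `IsDisallowed`, `CheckDialTarget` and `NewVerificationClient` are names chosen here. It goes slightly beyond the three forms named in the entry: it unwraps the IPv4 address embedded in IPv4-mapped, IPv4-compatible, 6to4 and NAT64 addresses, rejects site-local and the usual private, loopback, link-local and shared-address ranges, and runs the check inside `net.Dialer.Control`, on the resolved address of every connection including redirects, rather than on the hostname before resolution.

```go
package main

import (
	"fmt"
	"net"
	"net/http"
	"net/netip"
	"syscall"
	"time"
)

// IPv6 prefixes that carry an IPv4 address (transition mechanisms) or that
// are internal-only even though they are not in fc00::/7.
var (
	sixToFour      = netip.MustParsePrefix("2002::/16")      // RFC 3056, IPv4 in bytes 2..5
	nat64WellKnown = netip.MustParsePrefix("64:ff9b::/96")   // RFC 6052, IPv4 in bytes 12..15
	nat64LocalUse  = netip.MustParsePrefix("64:ff9b:1::/48") // RFC 8215, /96 prefixes, same layout
	v4Compatible   = netip.MustParsePrefix("::/96")          // deprecated ::a.b.c.d form
	siteLocal      = netip.MustParsePrefix("fec0::/10")      // deprecated by RFC 3879, still routed
	cgnat          = netip.MustParsePrefix("100.64.0.0/10")  // RFC 6598 shared address space
	thisNetwork    = netip.MustParsePrefix("0.0.0.0/8")
	broadcast      = netip.MustParseAddr("255.255.255.255")
)

// disallowedV4 is the plain IPv4 rule: anything that is not globally routable.
func disallowedV4(a netip.Addr) bool {
	return a.IsPrivate() || a.IsLoopback() || a.IsLinkLocalUnicast() ||
		a.IsUnspecified() || a.IsMulticast() || cgnat.Contains(a) ||
		thisNetwork.Contains(a) || a == broadcast
}

// embeddedV4 extracts the IPv4 address an IPv6 transition address carries.
func embeddedV4(a netip.Addr) (netip.Addr, bool) {
	b := a.As16()
	switch {
	case sixToFour.Contains(a):
		return netip.AddrFrom4([4]byte{b[2], b[3], b[4], b[5]}), true
	case nat64WellKnown.Contains(a), nat64LocalUse.Contains(a), v4Compatible.Contains(a):
		return netip.AddrFrom4([4]byte{b[12], b[13], b[14], b[15]}), true
	}
	return netip.Addr{}, false
}

// IsDisallowed reports whether an outbound verification request must not reach a.
func IsDisallowed(a netip.Addr) bool {
	a = a.Unmap() // ::ffff:10.0.0.1 becomes 10.0.0.1
	if a.Is4() {
		return disallowedV4(a)
	}
	if v4, ok := embeddedV4(a); ok && disallowedV4(v4) {
		return true // 2002:a00:1:: and 64:ff9b::a00:1 both reach 10.0.0.1
	}
	return siteLocal.Contains(a) || a.IsPrivate() || a.IsLoopback() ||
		a.IsLinkLocalUnicast() || a.IsUnspecified() || a.IsMulticast()
}

// CheckDialTarget validates a resolved "ip:port" dial address. A hostname is
// rejected outright: by the time Control runs, the dialer has already resolved it.
func CheckDialTarget(address string) error {
	ap, err := netip.ParseAddrPort(address)
	if err != nil {
		return fmt.Errorf("refusing non-literal dial target %q: %w", address, err)
	}
	if IsDisallowed(ap.Addr()) {
		return fmt.Errorf("refusing to dial internal address %s", ap.Addr())
	}
	return nil
}

// NewVerificationClient returns an http.Client whose every TCP connection,
// including those opened while following redirects, passes CheckDialTarget on
// the address actually being connected to. Checking here instead of on the
// hostname before the request closes the resolve-then-rebind window.
func NewVerificationClient() *http.Client {
	d := &net.Dialer{
		Timeout: 5 * time.Second,
		Control: func(network, address string, _ syscall.RawConn) error {
			return CheckDialTarget(address)
		},
	}
	return &http.Client{
		Timeout: 10 * time.Second,
		Transport: &http.Transport{
			DialContext: d.DialContext,
			Proxy:       nil, // an environment proxy would bypass the dialer check
		},
	}
}

func main() {
	// Constructed sample targets, one per bypass form.
	for _, s := range []string{"8.8.8.8", "10.0.0.1", "::ffff:192.168.1.1", "2002:a00:1::", "64:ff9b::7f00:1", "fec0::1"} {
		fmt.Printf("%-20s disallowed=%v\n", s, IsDisallowed(netip.MustParseAddr(s)))
	}
	_ = NewVerificationClient()
}
```

Two practitioner caveats: the `Control` hook only sees addresses this dialer connects to, so leaving `Proxy` unset (or pointing at a proxy you also harden) matters, and a DNS answer that mixes public and internal records is handled correctly only because the check runs per connection, after the dialer has picked an address.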