Vulnerabilities in modelcontextprotocol

25 results
| CVE | Severity | Title | EPSS |
|---|---|---|---|
| CVE-2025-49596 | CRITICAL | MCP Inspector proxy server lacks authentication between the Inspector client and proxy | 37.0% |
| CVE-2025-68143 | MEDIUM | mcp-server-git's unrestricted git_init tool allows repository creation at arbitrary filesystem locations | 7.8% |
| CVE-2025-68144 | MEDIUM | mcp-server-git argument injection in git_diff and git_checkout functions allows overwriting local files | 7.3% |
| CVE-2025-68145 | MEDIUM | mcp-server-git has missing path validation when using --repository flag | 6.2% |
| CVE-2025-53366 | HIGH | MCP SDK Vulnerable to FastMCP Server Validation Error, Leading to Denial of Service | 5.7% |
| CVE-2025-53109 | HIGH | Model Context Protocol Servers Vulnerable to Path Validation Bypass via Prefix Matching and Symlink Handling | 0.7% |
| CVE-2025-58444 | HIGH | MCP Inspector is Vulnerable to Potential Command Execution via XSS When Connecting to an Untrusted MCP Server | 0.6% |
| CVE-2025-53110 | HIGH | Model Context Protocol Servers Vulnerable to Path Validation Bypass via Colliding Path Prefix | 0.5% |
| CVE-2026-33946 | HIGH | MCP Ruby SDK: Insufficient Session Binding Allows SSE Stream Hijacking via Session ID Replay | 0.5% |
| CVE-2025-66414 | HIGH | DNS Rebinding Protection Disabled by Default in Model Context Protocol TypeScript SDK for Servers Running on Localhost | 0.4% |
| CVE-2025-66416 | HIGH | DNS Rebinding Protection Disabled by Default in Model Context Protocol Python SDK for Servers Running on Localhost | 0.4% |
| CVE-2026-34742 | HIGH | Model Context Protocol Go SDK: DNS Rebinding Protection Disabled by Default for Servers Running on Localhost | 0.4% |
| CVE-2026-44427 | NONE | MCP Registry: Open Redirect | 0.4% |
| CVE-2025-53365 | HIGH | MCP Python SDK has Unhandled Exception in Streamable HTTP Transport, Leading to Denial of Service | 0.4% |
| CVE-2026-27735 | MEDIUM | mcp-server-git: Path traversal in git_add allows staging files outside repository boundaries | 0.3% |
| CVE-2026-44430 | MEDIUM | MCP Registry: Unauthenticated SSRF: HTTP namespace verification dials 6to4 / NAT64 / site-local IPv6 addresses, bypassing private-address allowlist | 0.3% |
| CVE-2026-27896 | HIGH | MCP Go SDK Vulnerable to Improper Handling of Case Sensitivity | 0.3% |
| CVE-2026-25536 | HIGH | @modelcontextprotocol/sdk has cross-client data leak via shared server/transport instance reuse | 0.2% |
| CVE-2026-34237 | MEDIUM | MCP Java SDK has a Hardcoded Wildcard CORS (Access-Control-Allow-Origin: *) | 0.2% |
| CVE-2026-44428 | LOW | MCP Registry: GitHub OIDC tokens replayable across registry deployments due to shared audience | 0.2% |