CVE-2026-42559 | modelcontextprotocol rust-sdk up to 1.3.x streamable_http_server origin validation (ID 815)

Inserito da Angelo Barbosa | Mag 14, 2026 | CVE

A vulnerability, which was classified as critical, has been found in modelcontextprotocol rust-sdk up to 1.3.x. Affected by this issue is some unknown functionality of the file crates/rmcp/src/transport/streamable_http_server/. Performing a manipulation results in origin validation error.

This vulnerability was named CVE-2026-42559. The attack may be initiated remotely. There is no available exploit.

It is advisable to upgrade the affected component.

CVE-2026-42559 | modelcontextprotocol rust-sdk up to 1.3.x streamable_http_server origin validation (ID 815)

Post correlati

CVE-2026-1681 | zephyrproject-rtos Zephyr up to 4.3 IPv4 Address recursion

CVE-2024-1766 | Download Manager Plugin up to 3.2.86 on WordPress cross site scripting

CVE-2024-52043 | HumHub up to 1.16.2 on Linux observable response discrepancy

CVE-2024-27963 | Crisp Plugin up to 0.44 on WordPress cross site scripting