CVE-2026-42559
HIGH SEVERITYCVSS Score & Metrics
Base Score
8.8 / 10
Vulnerability Description
rmcp Streamable HTTP server transport has a DNS rebinding vulnerability
Vulnerability Details
Published Date
Last Modified
Source
GitHub
Vendor
rust
Product
rmcp
External References
- https://github.com/modelcontextprotocol/rust-sdk/security/advisories/GHSA-89vp-x53w-74fx
- https://github.com/modelcontextprotocol/rust-sdk/issues/815
- https://github.com/modelcontextprotocol/rust-sdk/pull/764
- https://modelcontextprotocol.io/specification/2025-06-18/basic/transports#security-warning
- https://github.com/advisories/GHSA-89vp-x53w-74fx
Discussion (0)
Add Comment
No comments yet. Be the first!