CVE-2026-34742
The Go MCP SDK used Go's standard encoding/json. Prior to version 1.4.0, the Model Context Protocol (MCP) Go SDK does not enable DNS rebinding protection by default for HTTP-based servers. When an HTTP-based MCP server is run on localhost without authentication with StreamableHTTPHandler or SSEHandler, a malicious website could exploit DNS rebinding to bypass same-origin policy restrictions and send requests to the local MCP server. This could allow an attacker to invoke tools or access resources exposed by the MCP server on behalf of the user in those limited circumstances. This issue has been patched in version 1.4.0.
-
exploitation prediction scoring system. probability this vulnerability will be exploited in the wild in the next 30 days.
cvss
common vulnerability scoring system v3.1. measures intrinsic severity on a 0-10 scale.
epss
0.0008
kev
no
cisa known exploited vulnerabilities catalog. confirmed active exploitation.
CVSS 3.1
Common Vulnerability Scoring System v3.1
8.1
/ 10
HIGH
exploitability
Attack Vector
Network
Attack Vector (AV:N): exploitable remotely over the network — most dangerous. no physical or adjacent access needed.
Attack Complexity
Low
Attack Complexity (AC:L): no special conditions needed. attack can be reliably reproduced.
Privileges Required
None
Privileges Required (PR:N): no authentication needed. any anonymous attacker can exploit this.
User Interaction
Required
User Interaction (UI:R): victim must perform some action (e.g. clicking a link, opening a file).
impact
Scope
Unchanged
Scope (S:U): impact limited to the vulnerable component.
Confidentiality
High
Confidentiality (C:H): total information disclosure. attacker gains access to all data within the component.
Integrity
High
Integrity (I:H): complete data modification possible. attacker can modify any data.
Availability
None
Availability (A:N): no availability impact.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
CVSS 4.0
Common Vulnerability Scoring System v4.0
7.6
/ 10
HIGH
exploitability
Attack Vector
Network
Attack Vector (AV:N): exploitable remotely over the network — most dangerous. no physical or adjacent access needed.
Attack Complexity
Low
Attack Complexity (AC:L): no special conditions needed. attack can be reliably reproduced.
Attack Requirements
Present
Attack Requirements (AT:P): requires specific conditions in the target environment.
Privileges Required
None
Privileges Required (PR:N): no authentication needed. any anonymous attacker can exploit this.
User Interaction
Passive
User Interaction (UI:P): victim must perform a limited, passive action (e.g. opening a document).
vulnerable system impact
Vuln Confidentiality
High
Confidentiality (VC:H): total information disclosure. attacker gains access to all data within the component.
Vuln Integrity
High
Integrity (VI:H): complete data modification possible. attacker can modify any data.
Vuln Availability
None
Availability (VA:N): no availability impact.
subsequent system impact
Sub Confidentiality
None
Subsequent Confidentiality: impact on data confidentiality of downstream/connected systems. Value: N (None)
Sub Integrity
None
Subsequent Integrity: impact on data integrity of downstream/connected systems. Value: N (None)
Sub Availability
None
Subsequent Availability: impact on service availability of downstream/connected systems. Value: N (None)
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
activity density
rdintel assessment
composite score from 15+ signals including exploitation status, epss probability, detection coverage, and community attention. 0-100 scale.
sign in to view full intelligence
pocs, detection rules, timeline, advisories, and more