4 matches found
CVE-2026-35568
MCP Java SDK is the official Java SDK for Model Context Protocol servers and clients. Prior to 1.0.0, the java-sdk contains a DNS rebinding vulnerability. This vulnerability allows an attacker to access a locally or network-private java-sdk MCP server via a victims browser that is either local, o...
CVE-2026-34237
MCP Java SDK is the official Java SDK for Model Context Protocol servers and clients. Prior to versions 0.83.0, 1.0.1, and 1.1.1, there is a hardcoded wildcard CORS vulnerability. This issue has been patched in versions 0.83.0, 1.0.1, and 1.1.1...
CVE-2026-34237
MCP Java SDK is the official Java SDK for Model Context Protocol servers and clients. Prior to versions 1.0.1 and 1.1.1, there is a hardcoded wildcard CORS vulnerability. This issue has been patched in versions 1.0.1 and 1.1.1...
This Week in Spring - December 2nd, 2025
Hi, Spring fans! Welcome to another installment of This Week in Spring. By mistake, I inadvertently published older content in this installment, then tried to fix it and ended up re-publishing the same content. And, what's worse, I somehow ended up deleting the draft I had written for this...