5 matches found
CVE-2026-34237
MCP Java SDK is the official Java SDK for Model Context Protocol servers and clients. Prior to versions 1.0.1 and 1.1.1, there is a hardcoded wildcard CORS vulnerability. This issue has been patched in versions 1.0.1 and 1.1.1...
CVE-2026-34237 MCP Java SDK has a Hardcoded Wildcard CORS (Access-Control-Allow-Origin: *)
MCP Java SDK is the official Java SDK for Model Context Protocol servers and clients. Prior to versions 1.0.1 and 1.1.1, there is a hardcoded wildcard CORS vulnerability. This issue has been patched in versions 1.0.1 and 1.1.1...
CVE-2026-34237 MCP Java SDK has a Hardcoded Wildcard CORS (Access-Control-Allow-Origin: *)
MCP Java SDK is the official Java SDK for Model Context Protocol servers and clients. Prior to versions 1.0.1 and 1.1.1, there is a hardcoded wildcard CORS vulnerability. This issue has been patched in versions 1.0.1 and 1.1.1...
MCP Java SDK 安全漏洞
The MCP Java SDK is an open-source standard protocol SDK for integrating AI models and tools with Java applications, developed under the Model Context Protocol. Versions of the MCP Java SDK prior to 1.0.1 and 1.1.1 contained security vulnerabilities, which were caused by hardcoded wildcard CORS...
GHSA-HV2W-8MJJ-JW22 MCP Java SDK has a Hardcoded Wildcard CORS (Access-Control-Allow-Origin: *)
Summary Hardcoded Wildcard CORS Access-Control-Allow-Origin: - https://github.com/modelcontextprotocol/java-sdk/blob/main/mcp-core/src/main/java/io/modelcontextprotocol/server/transport/HttpServletSseServerTransportProvider.javaL289 -...