2 matches found
ROOT-APP-NPM-CVE-2025-66414 CVE-2025-66414 in @rootio/modelcontextprotocol__sdk - Patched by Root
Root has patched CVE-2025-66414 in the @rootio/modelcontextprotocolsdk package for Root:npm. Multiple fixed versions available...
CVE-2026-35568 MCP Java-SDK has a DNS Rebinding Vulnerability
MCP Java SDK is the official Java SDK for Model Context Protocol servers and clients. Prior to 1.0.0, the java-sdk contains a DNS rebinding vulnerability. This vulnerability allows an attacker to access a locally or network-private java-sdk MCP server via a victims browser that is either local, o...