PatchSiren cyber security CVE debrief
CVE-2026-34742 modelcontextprotocol CVE debrief
Prior to version 1.4.0, the Model Context Protocol (MCP) Go SDK does not enable DNS rebinding protection by default for HTTP-based servers. When an HTTP-based MCP server built with StreamableHTTPHandler or SSEHandler runs on localhost without authentication, a malicious website can use DNS rebinding to bypass the browser's same-origin policy and send requests to the local MCP server. In those limited circumstances an attacker could invoke tools or access resources exposed by the MCP server on behalf of the user. This issue has been patched in version 1.4.0.
- Vendor: modelcontextprotocol
- Product: go-sdk
- CVSS: HIGH 7.6
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-04-02
- Original CVE updated: 2026-06-30
- Advisory published: 2026-04-02
- Advisory updated: 2026-06-30
Who should care
Anyone who builds an HTTP-based MCP server with the Go SDK's StreamableHTTPHandler or SSEHandler and serves it on localhost without authentication is in scope. The exposure path runs through the user's browser: a web page the user happens to visit can, via DNS rebinding, reach the local server and drive it with the user's privileges. Such deployments should update to version 1.4.0 or later; where an upgrade has to wait, they should validate the Host and Origin headers of incoming requests and require authentication. Organizations using the MCP Go SDK should inventory HTTP-based servers and confirm which ones run unauthenticated on loopback.
Technical summary
The MCP Go SDK does not enable DNS rebinding protection by default for HTTP-based servers prior to version 1.4.0. The attack works as follows: a malicious site serves its page from a hostname it controls, then changes that hostname's DNS answer (using a short TTL) to 127.0.0.1. Scripts on the page keep issuing requests to the same hostname, which the browser treats as same-origin, so the requests now land on the local MCP server. Those requests carry the attacker's hostname in the Host header and the attacker's origin in the Origin header; a server that does not check either header accepts them as if they came from a legitimate local client. The vulnerability requires the MCP server to be running on localhost without authentication using StreamableHTTPHandler or SSEHandler; an attacker could use this to invoke tools or access resources exposed by the MCP server on behalf of the user. Servers that require authentication, or that use a non-HTTP transport, are outside the advisory's scope. The issue is patched in version 1.4.0, which enables DNS rebinding protection by default; the usual form of that protection is to reject requests whose Host header (and Origin header, when present) is not on an allowlist of expected local names.
Defensive priority
Updating the MCP Go SDK to version 1.4.0 or later should be treated as high priority, because exploitation needs nothing more than the user visiting a web page while the local server is running. Defenders should also review how HTTP-based MCP servers are deployed, particularly those running on localhost without authentication, since binding to loopback alone does not stop a rebinding attack.
Recommended defensive actions
- Update the MCP Go SDK to version 1.4.0 or later, and rebuild and redeploy any HTTP-based MCP servers that vendor an older version.
- Review the configuration of HTTP-based MCP servers, especially those running on localhost without authentication, and confirm that DNS rebinding protection is enabled after the upgrade rather than assumed.
- Where an upgrade is not yet possible, validate the Host header (and the Origin header when present) against an explicit allowlist of expected local names, and require authentication for every request to the MCP endpoint.
- Monitor for requests to the local MCP server whose Host or Origin header names a non-local domain, which is the signature a rebinding attempt leaves in server logs.
- Consider compensating controls such as network restrictions, or a reverse proxy that enforces the Host and Origin checks, to reduce the risk of DNS rebinding attacks.
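The check described in the technical summary and in the interim actions above, as an added example in Go: a small middleware, written for this page and not the go-sdk's own API, that rejects requests whose Host or Origin header is not on an allowlist of loopback names. The `RebindingGuard` type, the `NewLocalGuard` constructor, the port 8080 and the `attacker.example` hostname are all assumptions for illustration; the MCP endpoint handler is a stand-in for StreamableHTTPHandler.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// RebindingGuard is an illustrative middleware (not the go-sdk's own API).
// It wraps an http.Handler and rejects any request whose Host header, and
// Origin header when a browser sends one, is not on an explicit allowlist.
// A DNS rebinding page reaches the loopback server with the attacker's
// hostname in Host and the attacker's origin in Origin, so it fails closed.
type RebindingGuard struct {
	AllowedHosts   map[string]bool // e.g. "localhost:8080", "127.0.0.1:8080"
	AllowedOrigins map[string]bool // e.g. "http://localhost:8080"
	Next           http.Handler
}

// Allowed reports whether the given Host and Origin header values pass the
// allowlist. An empty Origin is accepted because non-browser MCP clients do
// not send one; a present Origin must match exactly after lowercasing.
func (g *RebindingGuard) Allowed(host, origin string) bool {
	if !g.AllowedHosts[strings.ToLower(host)] {
		return false
	}
	if origin == "" {
		return true
	}
	return g.AllowedOrigins[strings.ToLower(origin)]
}

// ServeHTTP answers 403 for disallowed requests and otherwise forwards them.
func (g *RebindingGuard) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	if !g.Allowed(r.Host, r.Header.Get("Origin")) {
		http.Error(w, "forbidden: host or origin not allowed", http.StatusForbidden)
		return
	}
	g.Next.ServeHTTP(w, r)
}

// NewLocalGuard builds a guard for a server listening on loopback at the given
// port. Only the loopback names are allowed, so a server bound to a non-loopback
// interface would need its real hostname added to the allowlists.
func NewLocalGuard(port string, next http.Handler) *RebindingGuard {
	hosts := map[string]bool{}
	origins := map[string]bool{}
	for _, h := range []string{"localhost", "127.0.0.1", "[::1]"} {
		hosts[h+":"+port] = true
		origins["http://"+h+":"+port] = true
	}
	return &RebindingGuard{AllowedHosts: hosts, AllowedOrigins: origins, Next: next}
}

// probe sends a constructed tools/list request with the given Host and Origin
// headers through the guard and returns the HTTP status code it produced.
func probe(g *RebindingGuard, host, origin string) int {
	body := strings.NewReader(`{"jsonrpc":"2.0","id":1,"method":"tools/list"}`)
	req := httptest.NewRequest(http.MethodPost, "http://"+host+"/mcp", body)
	req.Host = host // what the browser sends after DNS has been rebound
	if origin != "" {
		req.Header.Set("Origin", origin)
	}
	rec := httptest.NewRecorder()
	g.ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	// Stand-in for the real MCP endpoint handler (StreamableHTTPHandler).
	mcp := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		fmt.Fprintln(w, "mcp endpoint reached")
	})
	g := NewLocalGuard("8080", mcp)
	fmt.Println("local client, no Origin:        ", probe(g, "localhost:8080", ""))
	fmt.Println("rebinding page (attacker.example):", probe(g, "attacker.example:8080", "http://attacker.example:8080"))
	fmt.Println("rebound Host, forged local Origin:", probe(g, "attacker.example:8080", "http://localhost:8080"))
	fmt.Println("local Host, cross-site Origin:    ", probe(g, "localhost:8080", "http://attacker.example"))
}
```

The Host check is the one that matters against rebinding, because the browser fills in Host from the hostname the page used and a script cannot override it; the Origin check additionally blocks ordinary cross-site requests from pages that never rebind. Both comparisons are exact after lowercasing, so a suffix such as `localhost.attacker.example` does not pass.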
Evidence notes
The CVE record and NVD detail describe the vulnerability and its patch. The source item URL provides additional context and references. The mitigation and vendor references link to the patch, the issue tracker, the release notes and the vendor advisory.
Official resources
- CVE-2026-34742 CVE record (CVE.org)
- CVE-2026-34742 NVD detail (NVD)
- Source item URL (nvd_modified)
- Mitigation or vendor reference: Patch
- Mitigation or vendor reference: Issue Tracking, Patch
- Mitigation or vendor reference: Release Notes
- Mitigation or vendor reference: Vendor Advisory
- Source reference: 0b0ca135-0b70-47e7-9f44-1890c2a1c46c
This article is AI-assisted and based on the supplied source corpus.