Known Vulnerabilities for Model Context Protocol Servers by Lfprojects
Listed below are 4 of the newest known vulnerabilities associated with "Model Context Protocol Servers" by "Lfprojects".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-39313 json | mcp-framework is a framework for building Model Context Protocol (MCP) servers. In versions 0.2.21 and below, the readRequest... | Not Provided | 2026-04-16 | 2026-04-17 |
| CVE-2026-34742 json | The Go MCP SDK used Go's standard encoding/json. Prior to version 1.4.0, the Model Context Protocol (MCP) Go SDK does not ena... | Not Provided | 2026-04-02 | 2026-07-15 |
| CVE-2026-34237 json | MCP Java SDK is the official Java SDK for Model Context Protocol servers and clients. Prior to versions 0.83.0, 1.0.1, and 1.... | Not Provided | 2026-03-31 | 2026-06-09 |
| CVE-2026-27735 json | Not Provided | 2026-02-26 | 2026-04-14 | |
| CVE-2026-25536 json | MCP TypeScript SDK is the official TypeScript SDK for Model Context Protocol servers and clients. From version 1.10.0 to 1.25... | Not Provided | 2026-02-04 | 2026-07-15 |
| CVE-2026-11624 json | The Model Context Protocol has a security warning advising servers to validate the "Origin" header on all incoming connection... | Not Provided | 2026-06-13 | 2026-06-15 |
| CVE-2025-68145 json | Not Provided | 2025-12-17 | 2026-04-14 | |
| CVE-2025-68144 json | Not Provided | 2025-12-17 | 2026-04-14 | |
| CVE-2025-68143 json | Not Provided | 2025-12-17 | 2026-04-14 |