This critical by-design vulnerability in the Anthropic Model Context Protocol (MCP) SDK stems from unsafe default configurations of the STDIO transport interface. It allows remote attackers to execute arbitrary code on systems running vulnerable MCP implementations. Successful exploitation gives attackers access to sensitive data, including API keys, database credentials, and chat histories, and poses a broad AI supply chain risk. The flaw affects over 7,000 public servers and packages with over 150 million total downloads.
Remediation
Update to the latest patched versions of the Anthropic MCP SDK and all dependent MCP projects immediately. Restrict network access to MCP servers to only trusted sources and disable STDIO transport if it is not actively required. Review configuration settings and monitor for unusual access to sensitive AI system data.
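One way to start the configuration review described above is to inventory every MCP server a client launches over STDIO. This is an added example, not code from the advisory or from the MCP SDK; it assumes the common `mcpServers` JSON client layout, and the sample config, server names and the three heuristic flags are constructed for illustration.

```python
import json

# Assumption: the client config uses the common "mcpServers" layout, where an
# entry with "command" is launched over STDIO and an entry with "url" is remote.
SHELLS = {"sh", "bash", "zsh", "cmd", "cmd.exe", "powershell", "pwsh"}
RUNNERS = {"npx", "uvx", "bunx", "pipx"}
SECRET_HINTS = ("KEY", "TOKEN", "SECRET", "PASSWORD")

# Constructed sample input; names, paths and values are placeholders.
SAMPLE = """
{
  "mcpServers": {
    "files": {"command": "npx", "args": ["-y", "example-fs-server"],
              "env": {"EXAMPLE_API_KEY": "redacted"}},
    "db": {"command": "/opt/mcp/db-server", "args": ["--readonly"]},
    "wrapped": {"command": "bash", "args": ["-c", "example-server --stdio"]},
    "remote": {"url": "https://mcp.example.internal/sse"}
  }
}
"""

def _pinned(arg):
    # Heuristic: "pkg@1.2.3", "@scope/pkg@1.2.3" or "pkg==1.2.3" count as pinned.
    return "@" in arg.lstrip("@") or "==" in arg

def audit_mcp_config(text):
    """Return one finding per STDIO-launched server, sorted by server name."""
    findings = []
    servers = json.loads(text).get("mcpServers", {})
    for name, entry in sorted(servers.items()):
        if not isinstance(entry, dict) or "command" not in entry:
            continue  # remote (url) or malformed entries are not STDIO launches
        command = str(entry["command"])
        args = [str(a) for a in (entry.get("args") or [])]
        base = command.replace("\\", "/").rsplit("/", 1)[-1].lower()
        positional = [a for a in args if not a.startswith("-")]
        notes = []
        if base in SHELLS:
            notes.append("shell-interpreter")  # command line is shell-parsed
        if base in RUNNERS and positional and not _pinned(positional[0]):
            notes.append("unpinned-package")   # fetched at launch, no version
        for var in sorted(entry.get("env") or {}):
            if any(h in var.upper() for h in SECRET_HINTS):
                notes.append("env-secret:" + var)  # name only, never the value
        findings.append({"server": name, "command": command, "notes": notes})
    return findings

if __name__ == "__main__":
    for f in audit_mcp_config(SAMPLE):
        print(f["server"], f["command"], ",".join(f["notes"]) or "no-flags")
```

Each server it lists is a candidate for removal if STDIO is not actively required, and flagged entries are the ones to review first.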