Vulnerability in Modelcontextprotocol Python-sdk

CVE-2025-53365

The MCP Python SDK, called `mcp` on PyPI, is a Python implementation of the Model Context Protocol (MCP). Prior to version 1.10.0, if a client deliberately triggers an exception after establishing a streamable HTTP session, this can lead t…

EPSS: 0.004 (27.4th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References