Vulnerability in Modelcontextprotocol Python-sdk

CVE-2025-53366

The MCP Python SDK, called `mcp` on PyPI, is a Python implementation of the Model Context Protocol (MCP). Prior to version 1.9.4, a validation error in the MCP SDK can cause an unhandled exception when processing malformed requests, result…

EPSS: 0.057 (92.1th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References