Modelcontextprotocol Java-sdk
2 CVEs affecting Modelcontextprotocol Java-sdk. Latest disclosed: 2026-04-07. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-34237 | Medium | 6.1 | 2026-03-31 | MCP Java SDK is the official Java SDK for Model Context Protocol servers and clients. Prior to versions 1.0.1 and 1.1.1, there is a hardcoded wildcard CORS vul… |
CVE-2026-35568 | | 2026-04-07 | MCP Java SDK is the official Java SDK for Model Context Protocol servers and clients. Prior to 1.0.0, the java-sdk contains a DNS rebinding vulnerability. This… |