Modelcontextprotocol Python-sdk

6 CVEs affecting Modelcontextprotocol Python-sdk. Latest disclosed: 2026-07-15. Critical: 0, High: 3.

Top CVEs affecting Modelcontextprotocol Python-sdk
CVESeverityScorePublishedSummary
CVE-2025-66416High8.12025-12-02The MCP Python SDK, called `mcp` on PyPI, is a Python implementation of the Model Context Protocol (MCP). Prior to version 1.23.0, tThe Model Context Protocol…
CVE-2026-52870High7.62026-07-15The MCP Python SDK, called mcp on PyPI, is a Python implementation of the Model Context Protocol (MCP). From 1.23.0 until 1.27.2, default handlers installed by…
CVE-2026-52869High7.12026-07-15The MCP Python SDK, called mcp on PyPI, is a Python implementation of the Model Context Protocol (MCP). Prior to 1.27.2, the SSE and stateful Streamable HTTP t…
CVE-2026-599502026-07-15The MCP Python SDK, called mcp on PyPI, is a Python implementation of the Model Context Protocol (MCP). Prior to 1.28.1, the deprecated mcp.server.websocket.we…
CVE-2025-533662025-07-04The MCP Python SDK, called `mcp` on PyPI, is a Python implementation of the Model Context Protocol (MCP). Prior to version 1.9.4, a validation error in the MCP…
CVE-2025-533652025-07-04The MCP Python SDK, called `mcp` on PyPI, is a Python implementation of the Model Context Protocol (MCP). Prior to version 1.10.0, if a client deliberately tri…