CVE-2025-66414 | modelcontextprotocol typescript-sdk up to 1.23.x insecure default initialization of resource

A vulnerability was found in modelcontextprotocol typescript-sdk up to 1.23.x. It has been classified as problematic. This impacts an unknown function. Performing manipulation results in insecure default initialization of resource.

This vulnerability is identified as CVE-2025-66414. The attack is only possible with local access. There is not any exploit available.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More