CVE-2026-42559 | modelcontextprotocol rust-sdk up to 1.3.x streamable_http_server origin validation (ID 815)

A vulnerability, which was classified as critical, has been found in modelcontextprotocol rust-sdk up to 1.3.x. Affected by this issue is some unknown functionality of the file crates/rmcp/src/transport/streamable_http_server/. Performing a manipulation results in origin validation error.

This vulnerability was named CVE-2026-42559. The attack may be initiated remotely. There is no available exploit.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More