CVE-2026-0621
EPSS 0.05%
Anthropic's MCP TypeScript SDK has a ReDoS vulnerability
Description
### Impact

A ReDoS vulnerability in the `UriTemplate` class allows attackers to cause denial of service. The `partToRegExp()` function generates a regex pattern with nested quantifiers (`([^/]+(?:,[^/]+)*)`) for exploded template variables (e.g., `{/id*}`, `{?tags*}`), causing catastrophic backtracking on malicious input.

**Who is affected:** MCP servers that register resource templates with exploded array patterns and accept requests from untrusted clients.

**Attack result:** An attacker sends a crafted URI in a `resources/read` request, causing 100% CPU utilization, a server hang or crash, and denial of service for all clients.

### Affected Versions

All versions of `@modelcontextprotocol/sdk` prior to the patched release.

### Patches

v1.25.2 contains commit b392f02ffcf37c088dbd114fedf25026ec3913d3; the fix modifies the regex pattern to prevent backtracking.

### Workarounds

- Avoid using exploded patterns (`{/id*}`, `{?tags*}`) in resource templates
- Implement request timeouts and rate limiting
- Validate URIs before processing to reject suspicious patterns
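The third workaround, validating URIs before they reach template matching, as an added example that is not code from `@modelcontextprotocol/sdk`. The guard bounds total URI length and the number of comma-separated items per path segment or query value, since those commas are what the ambiguous `([^/]+(?:,[^/]+)*)` pattern has to partition; the limits, the `preValidateResourceUri` and `listUnits` names and the sample URIs are assumptions constructed for illustration.

```typescript
// Added example, not SDK code: a pre-check to run in a resources/read
// handler before the URI is matched against registered resource templates.
const MAX_URI_LENGTH = 2048;           // assumed bound
const MAX_LIST_ITEMS_PER_SEGMENT = 64; // assumed bound on comma-separated items

interface UriCheck {
  ok: boolean;
  reason?: string;
}

// Split the URI into the units an exploded template variable expands into:
// one path segment, or one query parameter value. Bounding the comma count
// per unit bounds how many splits a backtracking matcher can try.
function listUnits(uri: string): string[] {
  const q = uri.indexOf("?");
  const path = q === -1 ? uri : uri.slice(0, q);
  const query = q === -1 ? "" : uri.slice(q + 1);
  const units = path.split("/");
  for (const pair of query.split("&")) {
    const eq = pair.indexOf("=");
    units.push(eq === -1 ? pair : pair.slice(eq + 1));
  }
  return units;
}

function preValidateResourceUri(uri: string): UriCheck {
  if (uri.length > MAX_URI_LENGTH) {
    return { ok: false, reason: `uri longer than ${MAX_URI_LENGTH} chars` };
  }
  for (const unit of listUnits(uri)) {
    const items = unit.split(",").length;
    if (items > MAX_LIST_ITEMS_PER_SEGMENT) {
      return { ok: false, reason: `${items} list items in one segment` };
    }
  }
  return { ok: true };
}

// Constructed sample inputs: a normal request and an oversized list value.
const benignUri = "docs://team/1,2,3?tags=a,b";
const oversizedUri =
  "docs://team/" + Array.from({ length: 200 }, (_, i) => String(i)).join(",");
```

The check complements, rather than replaces, upgrading to v1.25.2, and the rejection reason is worth logging so that repeated oversized requests from one client stand out.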
Affected packages (1)
- npm/@modelcontextprotocol/sdk: from 0, < 1.25.2
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 4.0 | — | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N |
References (7)
- ADVISORY: https://nvd.nist.gov/vuln/detail/CVE-2026-0621
- PATCH: https://github.com/modelcontextprotocol/typescript-sdk
- WEB: https://github.com/modelcontextprotocol/typescript-sdk/commit/b392f02ffcf37c088dbd114fedf25026ec3913d3
- WEB: https://github.com/modelcontextprotocol/typescript-sdk/issues/965
- WEB: https://github.com/modelcontextprotocol/typescript-sdk/releases/tag/v1.25.2
- WEB: https://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-cqwc-fm46-7fff
- WEB: https://www.vulncheck.com/advisories/mcp-typescript-sdk-uritemplate-exploded-array-pattern-redos