CVE-2026-33252

Description

The Go SDK's Streamable HTTP transport accepted browser-generated cross-site `POST` requests without validating the `Origin` header and without requiring `Content-Type: application/json`. In deployments without Authorization, especially stateless or sessionless configurations, this allows an arbitrary website to send MCP requests to a local server and potentially trigger tool execution. #### Impact: A malicious website may have been able to send cross-site POST requests with `Content-Type: text/plain`, which due to CORS-safelisted properties would reach the MCP message handling without any CORS preflight barrier. #### Fix: The SDK was modified to perform `Content-Type` header validation for POST requests and introduced a configurable protection for verifying the origin of the request in commit a433a83. Users are advised to update to v1.4.1 to use this additional protection. Note: v1.4.1 requires Go 1.25 or later. #### Credits: Thank you to Lê Minh Quân for reporting the issue.

Affected packages (2)

• Go/github.com/modelcontextprotocol/go-sdkfrom 0, < 1.4.1
• Go/github.com/modelcontextprotocol/go-sdkfrom 0, < 1.4.1

CVSS scores

References (4)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2026-33252
• PATCHhttps://github.com/modelcontextprotocol/go-sdk
• WEBhttps://github.com/modelcontextprotocol/go-sdk/commit/a433a831d6e5d5ac3b9e625a8095aa8eaa040dfc
• WEBhttps://github.com/modelcontextprotocol/go-sdk/security/advisories/GHSA-89xv-2j6f-qhc8