pkg:Go/github.com/modelcontextprotocol/go-sdk
5 total CVEsHIGH3
✅ Check your installed version
All known vulnerabilities
HIGH8.1CVE-2026-34742DNS Rebinding Protection Disabled by Default in Model Context Protocol Go SDK for Servers Running on Localhost from 0, < 1.4.0
HIGH7.1CVE-2026-33252Cross-Site Tool Execution for HTTP Servers without Authorizatrion in github.com/modelcontextprotocol/go-sdk from 0, < 1.4.1
HIGH7.1CVE-2026-33252Cross-Site Tool Execution for HTTP Servers without Authorizatrion in github.com/modelcontextprotocol/go-sdk from 0, < 1.4.1
—MCP Go SDK Vulnerable to Improper Handling of Case Sensitivity in github.com/modelcontextprotocol/go-sdk
from 0, < 1.3.1
—MCP Go SDK Vulnerable to Improper Handling of Case Sensitivity in github.com/modelcontextprotocol/go-sdk
from 0, < 1.3.1