Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
Github GHSA |
GHSA-jpw9-pfvf-9f58 | MCP Python SDK: HTTP transports serve session requests without verifying the authenticated principal |
Thu, 16 Jul 2026 13:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 16 Jul 2026 00:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Modelcontextprotocol
Modelcontextprotocol python-sdk |
|
| Vendors & Products |
Modelcontextprotocol
Modelcontextprotocol python-sdk |
Wed, 15 Jul 2026 20:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | The MCP Python SDK, called mcp on PyPI, is a Python implementation of the Model Context Protocol (MCP). Prior to 1.27.2, the SSE and stateful Streamable HTTP transports mcp.server.sse.SseServerTransport and mcp.server.streamable_http_manager.StreamableHTTPSessionManager route requests to existing sessions using only the session_id query parameter or Mcp-Session-Id header without verifying the authenticated principal that created the session, allowing a different bearer-token-authenticated client with a known session ID to inject JSON-RPC messages into that session. This issue is fixed in version 1.27.2. | |
| Title | MCP Python SDK: HTTP transports serve session requests without verifying the authenticated principal | |
| Weaknesses | CWE-639 | |
| References |
|
|
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2026-07-16T13:00:37.854Z
Reserved: 2026-06-08T21:44:27.363Z
Link: CVE-2026-52869
Updated: 2026-07-16T13:00:32.557Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-15T23:45:15Z
Github GHSA