{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-53366", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2025-06-27T12:57:16.121Z", "datePublished": "2025-07-04T22:05:02.975Z", "dateUpdated": "2025-07-08T13:52:28.447Z"}, "containers": {"cna": {"title": "MCP SDK Vulnerable to FastMCP Server Validation Error, Leading to Denial of Service", "problemTypes": [{"descriptions": [{"cweId": "CWE-248", "lang": "en", "description": "CWE-248: Uncaught Exception", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 8.7, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/modelcontextprotocol/python-sdk/security/advisories/GHSA-3qhf-m339-9g5v", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/modelcontextprotocol/python-sdk/security/advisories/GHSA-3qhf-m339-9g5v"}, {"name": "https://github.com/modelcontextprotocol/python-sdk/pull/822", "tags": ["x_refsource_MISC"], "url": "https://github.com/modelcontextprotocol/python-sdk/pull/822"}, {"name": "https://github.com/modelcontextprotocol/python-sdk/commit/29c69e6a47d0104d0afcea6ac35e7ab02fde809a", "tags": ["x_refsource_MISC"], "url": "https://github.com/modelcontextprotocol/python-sdk/commit/29c69e6a47d0104d0afcea6ac35e7ab02fde809a"}], "affected": [{"vendor": "modelcontextprotocol", "product": "python-sdk", "versions": [{"version": "< 1.9.4", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-07-04T22:05:02.975Z"}, "descriptions": [{"lang": "en", "value": "The MCP Python SDK, called `mcp` on PyPI, is a Python implementation of the Model Context Protocol (MCP). Prior to version 1.9.4, a validation error in the MCP SDK can cause an unhandled exception when processing malformed requests, resulting in service unavailability (500 errors) until manually restarted. Impact may vary depending on the deployment conditions, and presence of infrastructure-level resilience measures. Version 1.9.4 contains a patch for the issue."}], "source": {"advisory": "GHSA-3qhf-m339-9g5v", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-08T13:52:21.837694Z", "id": "CVE-2025-53366", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-08T13:52:28.447Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-53366", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-07-08T13:52:21.837694Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-08T13:52:25.259Z"}}], "cna": {"title": "MCP SDK Vulnerable to FastMCP Server Validation Error, Leading to Denial of Service", "source": {"advisory": "GHSA-3qhf-m339-9g5v", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.7, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE"}}], "affected": [{"vendor": "modelcontextprotocol", "product": "python-sdk", "versions": [{"status": "affected", "version": "< 1.9.4"}]}], "references": [{"url": "https://github.com/modelcontextprotocol/python-sdk/security/advisories/GHSA-3qhf-m339-9g5v", "name": "https://github.com/modelcontextprotocol/python-sdk/security/advisories/GHSA-3qhf-m339-9g5v", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/modelcontextprotocol/python-sdk/pull/822", "name": "https://github.com/modelcontextprotocol/python-sdk/pull/822", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/modelcontextprotocol/python-sdk/commit/29c69e6a47d0104d0afcea6ac35e7ab02fde809a", "name": "https://github.com/modelcontextprotocol/python-sdk/commit/29c69e6a47d0104d0afcea6ac35e7ab02fde809a", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "The MCP Python SDK, called `mcp` on PyPI, is a Python implementation of the Model Context Protocol (MCP). Prior to version 1.9.4, a validation error in the MCP SDK can cause an unhandled exception when processing malformed requests, resulting in service unavailability (500 errors) until manually restarted. Impact may vary depending on the deployment conditions, and presence of infrastructure-level resilience measures. Version 1.9.4 contains a patch for the issue."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-248", "description": "CWE-248: Uncaught Exception"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-07-04T22:05:02.975Z"}}}, "cveMetadata": {"cveId": "CVE-2025-53366", "state": "PUBLISHED", "dateUpdated": "2025-07-08T13:52:28.447Z", "dateReserved": "2025-06-27T12:57:16.121Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2025-07-04T22:05:02.975Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The MCP Python SDK, called `mcp` on PyPI, is a Python implementation of the Model Context Protocol (MCP). Prior to version 1.9.4, a validation error in the MCP SDK can cause an unhandled exception when processing malformed requests, resulting in service unavailability (500 errors) until manually restarted. Impact may vary depending on the deployment conditions, and presence of infrastructure-level resilience measures. Version 1.9.4 contains a patch for the issue."}, {"lang": "es", "value": "MCP Python SDK, llamado \u00abmcp\u00bb en PyPI, es una implementaci\u00f3n en Python del Protocolo de Contexto de Modelo (MCP). Antes de la versi\u00f3n 1.9.4, un error de validaci\u00f3n en el SDK de MCP pod\u00eda provocar una excepci\u00f3n no controlada al procesar solicitudes malformadas, lo que provocaba la indisponibilidad del servicio (errores 500) hasta que se reiniciara manualmente. El impacto puede variar seg\u00fan las condiciones de implementaci\u00f3n y la presencia de medidas de resiliencia a nivel de infraestructura. La versi\u00f3n 1.9.4 incluye un parche para este problema."}], "id": "CVE-2025-53366", "lastModified": "2025-07-08T16:18:53.607", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "[email protected]", "type": "Secondary"}]}, "published": "2025-07-04T22:15:22.300", "references": [{"source": "[email protected]", "url": "https://github.com/modelcontextprotocol/python-sdk/commit/29c69e6a47d0104d0afcea6ac35e7ab02fde809a"}, {"source": "[email protected]", "url": "https://github.com/modelcontextprotocol/python-sdk/pull/822"}, {"source": "[email protected]", "url": "https://github.com/modelcontextprotocol/python-sdk/security/advisories/GHSA-3qhf-m339-9g5v"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-248"}], "source": "[email protected]", "type": "Primary"}]}

{"bugzilla": {"description": "mcp: MCP SDK Denial of Service Vulnerability", "id": "2376485", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376485"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "status": "draft"}, "cwe": "CWE-248", "details": ["The MCP Python SDK, called `mcp` on PyPI, is a Python implementation of the Model Context Protocol (MCP). Prior to version 1.9.4, a validation error in the MCP SDK can cause an unhandled exception when processing malformed requests, resulting in service unavailability (500 errors) until manually restarted. Impact may vary depending on the deployment conditions, and presence of infrastructure-level resilience measures. Version 1.9.4 contains a patch for the issue.", "A flaw was found in MCP. The MCP Python SDK contains a validation error that leads to an unhandled exception when processing malformed requests. This flaw allows a remote attacker to trigger this condition by sending a crafted request, resulting in an application-level service interruption."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-53366", "package_state": [{"cpe": "cpe:/a:redhat:openshift_lightspeed", "fix_state": "Affected", "package_name": "openshift-lightspeed/lightspeed-service-api-rhel9", "product_name": "OpenShift Lightspeed"}], "public_date": "2025-07-04T22:05:02Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-53366\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-53366\nhttps://github.com/modelcontextprotocol/python-sdk/commit/29c69e6a47d0104d0afcea6ac35e7ab02fde809a\nhttps://github.com/modelcontextprotocol/python-sdk/pull/822\nhttps://github.com/modelcontextprotocol/python-sdk/security/advisories/GHSA-3qhf-m339-9g5v"], "statement": "The severity of this vulnerability is rated Moderate as it does not impact system availability. The effects are confined to the application layer without compromising the underlying system stability.", "threat_severity": "Moderate"}