High severity (7.1) · NVD Advisory · Published Mar 24, 2026 · Updated Apr 15, 2026
CVE-2026-33252
Description
The Go MCP SDK used Go's standard encoding/json. Prior to version 1.4.1, the Go SDK's Streamable HTTP transport accepted browser-generated cross-site POST requests without validating the Origin header and without requiring Content-Type: application/json. In deployments without Authorization, especially stateless or sessionless configurations, this allows an arbitrary website to send MCP requests to a local server and potentially trigger tool execution. Version 1.4.1 contains a patch for the issue.
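The two checks the fix introduces can be applied in front of any Streamable HTTP endpoint as a handler wrapper. The following is an added example, not the SDK's own code: the allowed origins, the `/mcp` path and the listen address are assumptions, and the inner handler stands in for the SDK's transport handler.

```go
package main

import (
	"fmt"
	"mime"
	"net/http"
)

// Origins a local MCP server will serve to browsers (constructed for this example).
// Browsers send Origin as a canonical scheme://host[:port] string, so an exact match
// suffices; "null" and anything unlisted is rejected. A request with no Origin header
// at all (a non-browser MCP client) is allowed through.
var allowedOrigins = map[string]bool{"http://localhost:8080": true, "http://127.0.0.1:8080": true}

// checkPost applies the two checks the advisory describes for POST requests:
// an Origin, when present, must be allowlisted, and the body must be declared
// application/json. Returns 200 to proceed, otherwise the status to respond with.
func checkPost(r *http.Request) (int, string) {
	if r.Method != http.MethodPost {
		return http.StatusOK, ""
	}
	if origin := r.Header.Get("Origin"); origin != "" && !allowedOrigins[origin] {
		return http.StatusForbidden, "origin not allowed"
	}
	// A cross-site form POST can only send text/plain, multipart or urlencoded
	// bodies without a CORS preflight, so requiring application/json blocks it.
	mt, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
	if err != nil || mt != "application/json" {
		return http.StatusUnsupportedMediaType, "Content-Type must be application/json"
	}
	return http.StatusOK, ""
}

// guard wraps the MCP handler so rejected requests never reach tool dispatch.
func guard(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if status, reason := checkPost(r); status != http.StatusOK {
			http.Error(w, reason, status)
			return
		}
		next.ServeHTTP(w, r)
	})
}

func main() {
	// The inner handler stands in for the SDK's Streamable HTTP handler.
	mcp := http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { fmt.Fprint(w, "ok") })
	http.Handle("/mcp", guard(mcp))
	fmt.Println(http.ListenAndServe("127.0.0.1:8080", nil))
}
```

Note that these checks only narrow the browser-originated path; deployments that expose tool execution should still require Authorization rather than rely on them alone.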
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Ecosystem | Affected versions | Patched versions |
|---|---|---|---|
| github.com/modelcontextprotocol/go-sdk | Go | < 1.4.1 | 1.4.1 |
Affected products
37 downstream package versions (OSV coordinates; no CPE assigned):

| Package (purl) | Affected range |
|---|---|
| pkg:apk/chainguard/datadog-cluster-agent-7.76 | < 7.76.3-r4 |
| pkg:apk/chainguard/datadog-cluster-agent-fips-7.76 | < 7.76.3-r4 |
| pkg:apk/chainguard/ferretdb | < 2.7.0-r10 |
| pkg:apk/chainguard/flux-operator-mcp | < 0.45.0-r3 |
| pkg:apk/chainguard/flux-operator-mcp-fips | < 0.45.0-r2 |
| pkg:apk/chainguard/gitlab-workhorse-ce-18.8 | < 18.8.7-r1 |
| pkg:apk/chainguard/gitlab-workhorse-ce-18.9 | < 18.9.3-r0 |
| pkg:apk/chainguard/gitlab-workhorse-ce-fips-18.8 | < 18.8.7-r1 |
| pkg:apk/chainguard/gitlab-workhorse-ce-fips-18.9 | < 18.9.3-r1 |
| pkg:apk/chainguard/glab | < 1.90.0-r0 |
| pkg:apk/chainguard/jaeger-2-all-in-one | < 2.16.0-r3 |
| pkg:apk/chainguard/jaeger-2-collector | < 2.16.0-r3 |
| pkg:apk/chainguard/jaeger-2-fips-all-in-one | < 2.16.0-r2 |
| pkg:apk/chainguard/jaeger-2-fips-collector | < 2.16.0-r2 |
| pkg:apk/chainguard/jaeger-2-fips-ingester | < 2.16.0-r2 |
| pkg:apk/chainguard/jaeger-2-fips-jaeger | < 2.16.0-r2 |
| pkg:apk/chainguard/jaeger-2-fips-query | < 2.16.0-r2 |
| pkg:apk/chainguard/jaeger-2-ingester | < 2.16.0-r3 |
| pkg:apk/chainguard/jaeger-2-jaeger | < 2.16.0-r3 |
| pkg:apk/chainguard/jaeger-2-query | < 2.16.0-r3 |
| pkg:apk/chainguard/livekit-cli | < 2.16.0-r3 |
| pkg:apk/chainguard/opencost | < 1.119.2-r7 |
| pkg:apk/chainguard/opencost-fips | < 1.119.2-r6 |
| pkg:apk/chainguard/osv-scanner | < 2.3.3-r7 |
| pkg:apk/wolfi/datadog-cluster-agent-7.76 | < 7.76.3-r4 |
| pkg:apk/wolfi/ferretdb | < 2.7.0-r10 |
| pkg:apk/wolfi/flux-operator-mcp | < 0.45.0-r3 |
| pkg:apk/wolfi/glab | < 1.90.0-r0 |
| pkg:apk/wolfi/jaeger-2-all-in-one | < 2.16.0-r3 |
| pkg:apk/wolfi/jaeger-2-collector | < 2.16.0-r3 |
| pkg:apk/wolfi/jaeger-2-ingester | < 2.16.0-r3 |
| pkg:apk/wolfi/jaeger-2-jaeger | < 2.16.0-r3 |
| pkg:apk/wolfi/jaeger-2-query | < 2.16.0-r3 |
| pkg:apk/wolfi/opencost | < 1.119.2-r7 |
| pkg:apk/wolfi/osv-scanner | < 2.3.3-r7 |
| pkg:golang/github.com/modelcontextprotocol/go-sdk | < 1.4.1 |
| pkg:rpm/opensuse/govulncheck-vulndb&distro=openSUSE%20Leap%2015.6 | < 0.0.20260326T203309-150000.1.155.2 |
References
- github.com/modelcontextprotocol/go-sdk/commit/a433a831d6e5d5ac3b9e625a8095aa8eaa040dfc (NVD: Patch)
- github.com/modelcontextprotocol/go-sdk/security/advisories/GHSA-89xv-2j6f-qhc8 (NVD: Patch, Vendor Advisory)
- github.com/advisories/GHSA-89xv-2j6f-qhc8 (GHSA: Advisory)
- nvd.nist.gov/vuln/detail/CVE-2026-33252 (GHSA: Advisory)