DEV Community

CVE Reports

Posted on • Originally published at cvereports.com

GHSA-W2FM-25VW-VH7F: Cross-Client Data Leak via Transport Race Condition in mcp-handler

Vulnerability ID: GHSA-W2FM-25VW-VH7F
CVSS Score: 7.1
Published: 2026-04-01

A race condition in the underlying Model Context Protocol (MCP) TypeScript SDK causes a tool response leak across concurrent client sessions. The mcp-handler package prior to version 1.1.0 exposes applications to this cross-client data leak due to improper lifecycle management of transport and protocol instances in stateless environments.

TL;DR

mcp-handler < 1.1.0 depends on vulnerable versions of the Model Context Protocol TypeScript SDK (@modelcontextprotocol/sdk), which misroute JSON-RPC responses and server-initiated messages between concurrent clients when a single transport instance is reused across requests.


⚠️ Exploit Status: Proof of concept (POC)

Technical Details

  • CWE ID: CWE-362 (Concurrent Execution using Shared Resource with Improper Synchronization, "Race Condition")
  • Attack Vector: Network
  • CVSS v3.1: 7.1 (High)
  • Confidentiality Impact: High
  • Integrity Impact: Low
  • Availability Impact: None
  • Exploit Status: Proof of concept; triggered by unauthenticated concurrent requests to the same endpoint

Affected Systems

  • mcp-handler (npm package): < 1.1.0 (Fixed in: 1.1.0)
  • @modelcontextprotocol/sdk (npm package): >= 1.10.0, < 1.26.0 (Fixed in: 1.26.0)
  • Vercel Serverless Functions running MCP endpoints
  • Node.js stateless MCP server deployments

Mitigation Strategies

  • Upgrade mcp-handler to version 1.1.0 or later.
  • Upgrade @modelcontextprotocol/sdk to version 1.26.0 or later.
  • In stateless deployments, create a new McpServer and transport instance for every request instead of sharing module-level instances across invocations.

Remediation Steps:

  1. Identify all projects that use mcp-handler or @modelcontextprotocol/sdk anywhere in their dependency tree, including transitive dependencies.
  2. Execute npm install mcp-handler@latest @modelcontextprotocol/sdk@latest (or the equivalent for your package manager), then confirm the resolved versions with npm ls mcp-handler @modelcontextprotocol/sdk; a direct dependency on an older SDK can otherwise keep the vulnerable version in the tree.
  3. Review the serverless function handler code (e.g., Vercel API routes) to ensure McpServer and StreamableHTTPServerTransport instances are created inside the request handler function, not at module scope, where they persist across warm invocations of the same function instance.
  4. Deploy the updated application and verify that concurrent MCP requests each receive only their own responses, with no misrouted messages or timeouts.
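The interleaving this advisory describes, as an added example that is not part of the original report, of mcp-handler or of the MCP SDK: a simplified model in which one transport object is shared across invocations and holds a reference to whichever response stream was bound last. The names (Transport, ResponseSink, vulnerableHandler, fixedHandler, raceTwoClients) and the tool latencies are hypothetical, and the model does not reproduce the SDK's actual internals; it shows why a module-scoped transport in a stateless handler can deliver one client's tool result to another client, and why the per-request instantiation called for in the remediation steps prevents it.

```typescript
// Added example: a simplified model of the cross-client leak, NOT the
// @modelcontextprotocol/sdk implementation. All names below are hypothetical.

type JsonRpcRequest = { jsonrpc: "2.0"; id: number; method: string; params: { name: string } };
type JsonRpcResponse = { jsonrpc: "2.0"; id: number; result: { content: string } };
type Routed = { alice: string[]; bob: string[] };

// Stand-in for the HTTP response object a serverless handler writes to.
class ResponseSink {
  received: JsonRpcResponse[] = [];
  write(msg: JsonRpcResponse): void { this.received.push(msg); }
}

// Minimal transport: it remembers the response stream of the request it is
// currently serving and writes every outgoing message there.
class Transport {
  private sink: ResponseSink | null = null;
  bind(sink: ResponseSink): void { this.sink = sink; }
  send(msg: JsonRpcResponse): void {
    if (!this.sink) throw new Error("transport not bound to a response");
    this.sink.write(msg);
  }
}

// Simulated tool call with configurable latency (constructed for the demo).
const sleep = (ms: number) => new Promise<void>((resolve) => setTimeout(resolve, ms));
async function runTool(name: string, latencyMs: number): Promise<string> {
  await sleep(latencyMs);
  return `secret data for ${name}`;
}

// Vulnerable pattern: one transport created at module scope and reused by
// every invocation. Serverless runtimes keep module scope alive across warm
// invocations, so concurrent requests share this object.
const sharedTransport = new Transport();
async function vulnerableHandler(req: JsonRpcRequest, res: ResponseSink, latencyMs: number): Promise<void> {
  sharedTransport.bind(res); // clobbers the binding of any request still in flight
  const content = await runTool(req.params.name, latencyMs);
  sharedTransport.send({ jsonrpc: "2.0", id: req.id, result: { content } });
}

// Fixed pattern: a fresh transport per request, so no other request can
// rebind it while a tool call is pending.
async function fixedHandler(req: JsonRpcRequest, res: ResponseSink, latencyMs: number): Promise<void> {
  const transport = new Transport();
  transport.bind(res);
  const content = await runTool(req.params.name, latencyMs);
  transport.send({ jsonrpc: "2.0", id: req.id, result: { content } });
}

// Drive two concurrent clients through a handler and report what each received.
// Alice's tool call is slow, so Bob's request arrives while hers is pending.
async function raceTwoClients(
  handler: (req: JsonRpcRequest, res: ResponseSink, latencyMs: number) => Promise<void>,
): Promise<Routed> {
  const alice = new ResponseSink();
  const bob = new ResponseSink();
  const reqA: JsonRpcRequest = { jsonrpc: "2.0", id: 1, method: "tools/call", params: { name: "alice" } };
  const reqB: JsonRpcRequest = { jsonrpc: "2.0", id: 1, method: "tools/call", params: { name: "bob" } };
  await Promise.all([handler(reqA, alice, 30), handler(reqB, bob, 5)]);
  return {
    alice: alice.received.map((m) => m.result.content),
    bob: bob.received.map((m) => m.result.content),
  };
}

// Run both handlers under the same interleaving; stand-alone this prints the outcome.
const outcome: Promise<{ vulnerable: Routed; fixed: Routed }> = (async () => {
  const vulnerable = await raceTwoClients(vulnerableHandler);
  const fixed = await raceTwoClients(fixedHandler);
  console.log("shared transport:", vulnerable);
  console.log("per-request transport:", fixed);
  return { vulnerable, fixed };
})();
```

Run it with tsx or ts-node. With the shared transport, Alice's response stream receives nothing and Bob's receives both tool results, including Alice's; with a transport per request each client receives only its own result. The real handler follows the same rule: construct McpServer and StreamableHTTPServerTransport inside the request handler, as step 3 above says, rather than once at module scope.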

References

  • Full report for GHSA-W2FM-25VW-VH7F at cvereports.com, including diagrams and the complete exploit analysis.
