Stored Cross-Site Scripting in MCP Registry by Model Context Protocol
CVE-2026-44429

5.1MEDIUM

Key Information:

Vendor: Modelcontextprotocol
Status: Registry
Vendor: CVE Published:; 14 May 2026

🔔 Create Modelcontextprotocol Vulnerability Alert

What is CVE-2026-44429?

The MCP Registry is prone to a stored cross-site scripting vulnerability that allows attackers to inject malicious event handlers into the registry homepage. This issue arises from insufficient validation of the 'server.websiteUrl' field in published 'server.json' files. Although the server-side validation checks basic URL structure, it fails to adequately sanitize quotes. Consequently, when the value is included in the HTML output, it can break out of attributes and allow for the execution of arbitrary scripts. Users with publish tokens can exploit this to plant harmful scripts visible to all visitors, making this a significant security risk. This vulnerability has been addressed in MCP Registry version 1.7.7.

Affected Version(s)

registry < 1.7.7

References

https://github.com/modelcontextprotocol/registry/security...

x_refsource_CONFIRM

CVSS V4

Score:

5.1

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2026
Vulnerability Reserved
May 6, 2026

CVE-2026-44429 Data

JSON