Vulnerability in MCP Python SDK Affects JSON-RPC Message Security
CVE-2026-52869
7.1HIGH
What is CVE-2026-52869?
The MCP Python SDK, available on PyPI, implements the Model Context Protocol but contains a vulnerability that allows an authenticated client to inject JSON-RPC messages into existing sessions. Before version 1.27.2, session routing was handled using the session_id query parameter or the Mcp-Session-Id header without verifying the identity of the authenticated user who created the session. This oversight allows attackers to exploit known session IDs to manipulate the session and send unauthorized messages. This issue was resolved in version 1.27.2, emphasizing the importance of verifying user identity in session management.
Affected Version(s)
python-sdk < 1.27.2
