Vulnerability in MCP Python SDK Affects JSON-RPC Message Security
CVE-2026-52869

7.1HIGH

Key Information:

Vendor
CVE Published:
15 July 2026

What is CVE-2026-52869?

The MCP Python SDK, available on PyPI, implements the Model Context Protocol but contains a vulnerability that allows an authenticated client to inject JSON-RPC messages into existing sessions. Before version 1.27.2, session routing was handled using the session_id query parameter or the Mcp-Session-Id header without verifying the identity of the authenticated user who created the session. This oversight allows attackers to exploit known session IDs to manipulate the session and send unauthorized messages. This issue was resolved in version 1.27.2, emphasizing the importance of verifying user identity in session management.

Affected Version(s)

python-sdk < 1.27.2

References

CVSS V3.1

Score:
7.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.