CVE-2026-33252
HIGH
GHSA-89xv-2j6f-qhc8
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L
Lifecycle Timeline
3Tags
Description
The Go SDK's Streamable HTTP transport accepted browser-generated cross-site `POST` requests without validating the `Origin` header and without requiring `Content-Type: application/json`. In deployments without Authorization, especially stateless or sessionless configurations, this allows an arbitrary website to send MCP requests to a local server and potentially trigger tool execution. #### Impact: A malicious website may have been able to send cross-site POST requests with `Content-Type: text/plain`, which due to CORS-safelisted properties would reach the MCP message handling without any CORS preflight barrier. #### Fix: The SDK was modified to perform `Content-Type` header validation for POST requests and introduced a configurable protection for verifying the origin of the request in commit a433a83. Users are advised to update to v1.4.1 to use this additional protection. Note: v1.4.1 requires Go 1.25 or later. #### Credits: Thank you to Lê Minh Quân for reporting the issue.
Analysis
The Go SDK's Streamable HTTP transport fails to validate the Origin header and Content-Type on POST requests, allowing attackers to send cross-site requests that bypass CORS protections and trigger MCP tool execution on vulnerable servers without authorization. This affects deployments using stateless or sessionless configurations where an attacker can host a malicious website to send arbitrary MCP requests to a victim's local server. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Inventory all systems running affected Go SDK versions and assess whether they operate without authorization controls. Within 7 days: Upgrade to Go SDK v1.4.1 (requires Go 1.25+) or implement compensating controls if upgrade is infeasible. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today