{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-34237", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-26T16:22:29.034Z", "datePublished": "2026-03-31T15:40:01.070Z", "dateUpdated": "2026-03-31T18:52:38.217Z"}, "containers": {"cna": {"title": "MCP Java SDK has a Hardcoded Wildcard CORS (Access-Control-Allow-Origin: *)", "problemTypes": [{"descriptions": [{"cweId": "CWE-942", "lang": "en", "description": "CWE-942: Permissive Cross-domain Policy with Untrusted Domains", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/modelcontextprotocol/java-sdk/security/advisories/GHSA-hv2w-8mjj-jw22", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/modelcontextprotocol/java-sdk/security/advisories/GHSA-hv2w-8mjj-jw22"}, {"name": "https://github.com/modelcontextprotocol/java-sdk/blob/main/mcp-core/src/main/java/io/modelcontextprotocol/server/transport/HttpServletSseServerTransportProvider.java#L289", "tags": ["x_refsource_MISC"], "url": "https://github.com/modelcontextprotocol/java-sdk/blob/main/mcp-core/src/main/java/io/modelcontextprotocol/server/transport/HttpServletSseServerTransportProvider.java#L289"}, {"name": "https://github.com/modelcontextprotocol/java-sdk/blob/main/mcp-core/src/main/java/io/modelcontextprotocol/server/transport/HttpServletStreamableServerTransportProvider.java#L525", "tags": ["x_refsource_MISC"], "url": "https://github.com/modelcontextprotocol/java-sdk/blob/main/mcp-core/src/main/java/io/modelcontextprotocol/server/transport/HttpServletStreamableServerTransportProvider.java#L525"}], "affected": [{"vendor": "modelcontextprotocol", "product": "java-sdk", "versions": [{"version": "< 1.0.1", "status": "affected"}, {"version": "< 1.1.1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-31T15:40:01.070Z"}, "descriptions": [{"lang": "en", "value": "MCP Java SDK is the official Java SDK for Model Context Protocol servers and clients. Prior to versions 1.0.1 and 1.1.1, there is a hardcoded wildcard CORS vulnerability. This issue has been patched in versions 1.0.1 and 1.1.1."}], "source": {"advisory": "GHSA-hv2w-8mjj-jw22", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-31T18:50:15.819733Z", "id": "CVE-2026-34237", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-31T18:52:38.217Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-34237", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-31T18:50:15.819733Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-31T18:50:16.963Z"}}], "cna": {"title": "MCP Java SDK has a Hardcoded Wildcard CORS (Access-Control-Allow-Origin: *)", "source": {"advisory": "GHSA-hv2w-8mjj-jw22", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "modelcontextprotocol", "product": "java-sdk", "versions": [{"status": "affected", "version": "< 1.0.1"}, {"status": "affected", "version": "< 1.1.1"}]}], "references": [{"url": "https://github.com/modelcontextprotocol/java-sdk/security/advisories/GHSA-hv2w-8mjj-jw22", "name": "https://github.com/modelcontextprotocol/java-sdk/security/advisories/GHSA-hv2w-8mjj-jw22", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/modelcontextprotocol/java-sdk/blob/main/mcp-core/src/main/java/io/modelcontextprotocol/server/transport/HttpServletSseServerTransportProvider.java#L289", "name": "https://github.com/modelcontextprotocol/java-sdk/blob/main/mcp-core/src/main/java/io/modelcontextprotocol/server/transport/HttpServletSseServerTransportProvider.java#L289", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/modelcontextprotocol/java-sdk/blob/main/mcp-core/src/main/java/io/modelcontextprotocol/server/transport/HttpServletStreamableServerTransportProvider.java#L525", "name": "https://github.com/modelcontextprotocol/java-sdk/blob/main/mcp-core/src/main/java/io/modelcontextprotocol/server/transport/HttpServletStreamableServerTransportProvider.java#L525", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "MCP Java SDK is the official Java SDK for Model Context Protocol servers and clients. Prior to versions 1.0.1 and 1.1.1, there is a hardcoded wildcard CORS vulnerability. This issue has been patched in versions 1.0.1 and 1.1.1."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-942", "description": "CWE-942: Permissive Cross-domain Policy with Untrusted Domains"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-31T15:40:01.070Z"}}}, "cveMetadata": {"cveId": "CVE-2026-34237", "state": "PUBLISHED", "dateUpdated": "2026-03-31T18:52:38.217Z", "dateReserved": "2026-03-26T16:22:29.034Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-31T15:40:01.070Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:lfprojects:mcp_java_sdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "25694CAC-2051-4746-9F09-053F94A30507", "versionEndExcluding": "1.0.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:lfprojects:mcp_java_sdk:1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "5E0E201B-2A7F-49EE-A48E-6FF7D1AD3A7B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "MCP Java SDK is the official Java SDK for Model Context Protocol servers and clients. Prior to versions 1.0.1 and 1.1.1, there is a hardcoded wildcard CORS vulnerability. This issue has been patched in versions 1.0.1 and 1.1.1."}], "id": "CVE-2026-34237", "lastModified": "2026-04-03T14:29:40.640", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-31T16:16:32.923", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/modelcontextprotocol/java-sdk/blob/main/mcp-core/src/main/java/io/modelcontextprotocol/server/transport/HttpServletSseServerTransportProvider.java#L289"}, {"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/modelcontextprotocol/java-sdk/blob/main/mcp-core/src/main/java/io/modelcontextprotocol/server/transport/HttpServletStreamableServerTransportProvider.java#L525"}, {"source": "security-advisories@github.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://github.com/modelcontextprotocol/java-sdk/security/advisories/GHSA-hv2w-8mjj-jw22"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-942"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.0.1)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.1.1)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "product": "java-sdk", "vendor": "modelcontextprotocol"}], "analysis": {"en": {"generated_at": "2026-04-03T17:23:09.439535+00:00", "value": {"mitigation_remediation": ["Upgrade the MCP Java SDK to version\u202f1.0.1 or later (including 1.1.1) where the wildcard CORS header has been removed."], "summary": {"action": "Update SDK", "impact": "Unrestricted cross\u2011origin resource sharing can lead to unintended data exposure from one domain to another."}, "threat_synthesis": {"affected_systems": "The vulnerability affects the Model Context Protocol Java SDK for all releases prior to version 1.0.1 and 1.1.1. Clients and servers that integrate the SDK before these patch releases are susceptible; the patched versions introduce a non\u2011wildcard or configurable CORS policy.", "description_and_impact": "The MCP Java SDK hardcodes the HTTP header Access\u2011Control\u2011Allow\u2011Origin to an asterisk, permitting any web origin to issue cross\u2011origin requests and read responses. This CORS misconfiguration enables potential data leakage or cross\u2011site request forgery if the application exposes sensitive endpoints behind the SDK.", "risk_and_exploitability": "With a CVSS score of 6.1 and an EPSS below 1\u202f%, the risk is moderate and exploitation is unlikely but plausible. Attackers can exploit the flaw remotely by hosting a malicious web page, sending requests to the SDK\u2019s endpoints, and reading the responses due to the permissive CORS header. The vulnerability is not listed in the CISA KEV catalog, indicating no known widespread exploitation currently."}}}}, "created": "2026-03-31T19:54:06.126450+00:00", "updated": "2026-04-03T21:17:34.395481+00:00", "vendors": ["modelcontextprotocol", "modelcontextprotocol$PRODUCT$java-sdk"]}