- Description
- The MCP Python SDK, called `mcp` on PyPI, is a Python implementation of the Model Context Protocol (MCP). Prior to version 1.9.4, a validation error in the MCP SDK can cause an unhandled exception when processing malformed requests, resulting in service unavailability (500 errors) until manually restarted. Impact may vary depending on the deployment conditions and the presence of infrastructure-level resilience measures. Version 1.9.4 contains a patch for the issue.
- Source
- security-advisories@github.com
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 8.7
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
- security-advisories@github.com
- CWE-248
- Hype score
- Not currently trending
CVE-2025-53366 MCP Python SDK Validation Error Causing Unhandled Exception Before 1.9.4 https://t.co/ouvfjZtnms
@VulmonFeeds
5 Jul 2025
[CVE-2025-53366: HIGH] Update to MCP Python SDK version 1.9.4 to fix a validation error that could lead to service unavailability due to unhandled exceptions when processing malformed requests. #cybersecurity #cve, CVE-2025-53366, #cybersecurity https://t.co/kijStuCXn9 https://t.co/
@CveFindCom
4 Jul 2025
CVE-2025-53366 The MCP Python SDK, called `mcp` on PyPI, is a Python implementation of the Model Context Protocol (MCP). Prior to version 1.9.4, a validation error in the MCP SDK ca… https://t.co/wcvou0ZYKG
@CVEnew
4 Jul 2025