Affected Products
| Vendor | Product | Versions |
|---|---|---|
| github.com | modelcontextprotocol/go-sdk | 0, 0 |
Timeline
- Mar 23, 2026 CVE Published
- Mar 25, 2026 CVE Updated
Cross-Site Tool Execution for HTTP Servers without Authorizatrion in github.com/modelcontextprotocol/go-sdk
| Vendor | Product | Versions |
|---|---|---|
| github.com | modelcontextprotocol/go-sdk | 0, 0 |