CVE-2026-35568: MCP Java SDK Single-Session Transport
The MCP Java SDK, when configured with a single-session web transport (for example WebFluxSseServerTransport), routes every connection into one shared context. Because sessions are not isolated, a DNS rebinding attack lets a malicious website, or an attacker on an adjacent network, reach the local server and invoke arbitrary tools on the AI agent with the owner's privileges. Binding the server to loopback is not a mitigation on its own: in a rebinding attack the owner's browser is the client, so the request arrives from 127.0.0.1 and is only distinguishable by its Host and Origin headers and by the session it is tied to.
greprules fetch cve-2026-35568-mcp-java-single-session-transport --engine opengrep
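The following is an added example, not code from the MCP Java SDK or from this rule. It shows the request-level check that a single-session local transport is missing: a loopback-bound server that validates the Host header against local names and the Origin header against an allowlist before it will touch a tools endpoint. The hostnames, the allowed origin, the port and the handler are assumptions chosen for the demonstration; the rebinding request at the bottom is constructed.

```python
"""Host/Origin validation for a loopback-bound MCP-style HTTP server.

Added example, not code from the MCP Java SDK. In a DNS rebinding attack the
attacker's page is loaded from attacker.example, the name is then re-resolved
to 127.0.0.1, and the browser sends requests to the local server with
Host: attacker.example. A server that binds to loopback but never checks
Host/Origin cannot tell that request apart from a legitimate local one.
"""
import re
from http.server import BaseHTTPRequestHandler, HTTPServer

# Assumption: the local server is only ever addressed by one of these names.
ALLOWED_HOSTS = {"localhost", "127.0.0.1", "[::1]"}
# Assumption: the only browser origin allowed to call the tools endpoint.
ALLOWED_ORIGINS = {"http://localhost:3000"}


def host_without_port(host_header):
    """Lower-case the Host value and strip an optional :port, keeping IPv6 brackets."""
    if host_header is None:
        return None
    host = host_header.strip().lower()
    m = re.fullmatch(r"(\[[0-9a-f:.]+\]|[^:]+)(?::\d+)?", host)
    return m.group(1) if m else None


def is_request_allowed(headers):
    """Return (allowed, reason) for a dict of request headers (case-insensitive keys)."""
    h = {k.lower(): v for k, v in headers.items()}
    host = host_without_port(h.get("host"))
    if host not in ALLOWED_HOSTS:
        return False, "Host %r is not a local name (possible DNS rebinding)" % h.get("host")
    # Browsers always send Origin on cross-origin requests; native clients usually send none.
    origin = h.get("origin")
    if origin is not None and origin.lower() not in ALLOWED_ORIGINS:
        return False, "Origin %r is not in the allowlist" % origin
    return True, "ok"


class ToolsHandler(BaseHTTPRequestHandler):
    """Hypothetical tools endpoint; rejects rebinding and cross-site requests with 403."""

    def do_POST(self):
        allowed, reason = is_request_allowed(dict(self.headers))
        if not allowed:
            self.send_error(403, reason)
            return
        length = int(self.headers.get("Content-Length", "0"))
        body = self.rfile.read(length)
        self.send_response(200)
        self.send_header("Content-Type", "application/json")
        self.end_headers()
        # Echo back the request size only; a real server would dispatch the tool call here.
        self.wfile.write(b'{"accepted_bytes": %d}' % len(body))


# Constructed requests: the first is what the owner's UI sends, the second is
# what the same browser sends after attacker.example has been rebound to 127.0.0.1.
LOCAL_REQUEST = {"Host": "localhost:8080", "Origin": "http://localhost:3000"}
REBOUND_REQUEST = {"Host": "attacker.example:8080", "Origin": "http://attacker.example"}

if __name__ == "__main__":
    print(is_request_allowed(LOCAL_REQUEST))
    print(is_request_allowed(REBOUND_REQUEST))
    HTTPServer(("127.0.0.1", 8080), ToolsHandler).serve_forever()
```

The Host check is what defeats rebinding, because the attacker controls the DNS answer but not the Host header the browser derives from the page's URL; the Origin check additionally stops a page on an allowed host but different port from driving the endpoint. Neither replaces per-session isolation, which is the defect the advisory describes, but a transport that lacks both is the case a rebinding attack exploits.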