Skills
MCP Security Landscape 2026: 40+ CVEs Across Python/TypeScript/Java/Rust SDKs, 7,000 Public Servers Exposed, 9 of 11 Marketplaces Vulnerable
Between January and April 2026, researchers disclosed over 40 CVEs against MCP implementations across all four official SDK languages. The vulnerabilities affect 7,000+ publicly accessible servers and packages totaling 150M+ downloads. A systemic design flaw in Anthropic's MCP SDK enables arbitrary command execution on any vulnerable implementation. Nine of eleven MCP marketplaces are affected. Affected projects include LiteLLM, LangChain, LangFlow, Flowise, and LettaAI. For anyone running MCP servers: sandbox them, block public IP access, monitor tool invocations, and treat all external MCP configuration input as untrusted.
Source
↳ Follow the thread