MCP Protocol Design Flaw: Anthropic Refuses Fix, Researchers Find RCE in Every SDK
OX Security has revealed a critical design flaw in Anthropic’s Model Context Protocol (MCP) that affects various SDKs and enables remote code execution. Despite multiple notifications, Anthropic will not alter the architecture, deeming the flaw “expected design.” Ten critical CVEs have been assigned, and organizations relying on MCP are exposed to significant risk.
