You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: advisories/github-reviewed/2026/03/GHSA-rqj3-x344-qvxc/GHSA-rqj3-x344-qvxc.json
+49-5Lines changed: 49 additions & 5 deletions
Original file line number
Diff line number
Diff line change
@@ -1,19 +1,59 @@
1
1
{
2
2
"schema_version": "1.4.0",
3
3
"id": "GHSA-rqj3-x344-qvxc",
4
-
"modified": "2026-03-27T21:31:33Z",
4
+
"modified": "2026-04-02T00:00:24Z",
5
5
"published": "2026-03-25T18:31:55Z",
6
6
"aliases": [
7
7
"CVE-2026-30587"
8
8
],
9
-
"details": "Multiple Stored XSS vulnerabilities exist in Seafile Server version 13.0.15,13.0.16-pro,12.0.14 and prior and fixed in 13.0.17, 13.0.17-pro, and 12.0.20-pro, via the Seadoc (sdoc) editor. The application fails to properly sanitize WebSocket messages regarding document structure updates. This allows authenticated remote attackers to inject malicious JavaScript payloads via the src attribute of embedded Excalidraw whiteboards or the href attribute of anchor tags",
9
+
"summary": "Seafile Server has multiple stored XSS vulnerabilities",
10
+
"details": "Multiple Stored XSS vulnerabilities exist in Seafile Server version 13.0.15,13.0.16-pro,12.0.14 and prior and fixed in 13.0.17, 13.0.17-pro, and 12.0.20-pro, via the Seadoc (sdoc) editor. The application fails to properly sanitize WebSocket messages regarding document structure updates. This allows authenticated remote attackers to inject malicious JavaScript payloads via the src attribute of embedded Excalidraw whiteboards or the href attribute of anchor tags.",
"summary": "mcp-handler has a tool response leak across concurrent client sessions ('Race Condition')",
8
+
"details": "`mcp-handler` versions prior to 1.1.0 accepted `@modelcontextprotocol/sdk` < 1.26.0 as a peer dependency. That SDK version contains a vulnerability [[CVE-2026-25536](https://nvd.nist.gov/vuln/detail/CVE-2026-25536)] that causes concurrent requests from different clients to share server-side state including authentication context and tool execution results when a `StreamableHTTPServerTransport` instance is reused across requests.\n\n**Note:** This is _not_ a vulnerability in `mcp-handler` itself. The root cause is in the peer dependency `@modelcontextprotocol/sdk`. \n\n### Impact\n\nA low-privileged attacker making concurrent requests to an `mcp-handler` endpoint can read another client's session data, including authentication information and tool execution state. This is a confidentiality breach with potential for limited integrity impact.\n\n**Root Cause:** [CVE-2026-25536](https://nvd.nist.gov/vuln/detail/CVE-2026-25536) in `@modelcontextprotocol/sdk` < 1.26.0. The SDK did not prevent reuse of stateless transports across client connections.\n\n### Patches\n\nUpgrade to `mcp-handler@1.1.0`. This release raises the minimum peer dependency to `@modelcontextprotocol/sdk@>=1.26.0`, which contains the fix for CVE-2026-25536. \n\n### Workarounds\n\n- Upgrade `@modelcontextprotocol/sdk` to `>=1.26.0` (note: the SDK will throw on transport reuse, which will break `mcp-handler` < 1.1.0 which effectively forces the upgrade)\n- Alternatively, manually create fresh `McpServer` and transport instances per request in your handler code",
![advisory-database[bot]](https://avatars.githubusercontent.com/in/21409?v=4&size=40){kind=avatar}
0 commit comments