Affected versions of this package are vulnerable to Insecure Default Initialization of Resource via StreamableHTTPServerTransport or SSEServerTransport when enableDnsRebindingProtection is not enabled. With the protection off, the transport does not check the Host or Origin header of incoming requests. A malicious website can exploit this through DNS rebinding: after the page loads, the attacker re-points the page's own hostname at 127.0.0.1, so the victim's browser sends requests to the local MCP server as if they were same-origin (with the attacker's hostname in Host) and the server answers them, letting the attacker read resources or invoke tools the local server exposes.
Note:
This is only exploitable if the server is running locally over HTTP without authentication and DNS rebinding protection is not enabled.
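The following is an added example, not code from @modelcontextprotocol/sdk or from this advisory. It models the guard that DNS rebinding protection provides, using the SDK's option names (enableDnsRebindingProtection, allowedHosts, allowedOrigins) for the weak and hardened configurations, and runs a constructed rebinding request through both. The check logic, the hardenedOptions helper, the hostname attacker.example and the port 3000 are this example's own assumptions.

```javascript
// Added example (not @modelcontextprotocol/sdk code): a Host/Origin guard for a
// local MCP HTTP endpoint, modelled on the SDK option names
// enableDnsRebindingProtection, allowedHosts and allowedOrigins. The checking
// logic is this example's assumption about how such a guard behaves.

// Strip a port suffix and lower-case a Host value:
// "localhost:3000" -> "localhost", "[::1]:3000" -> "[::1]".
function normalizeHost(host) {
  const h = host.trim().toLowerCase();
  if (h.startsWith('[')) {
    const end = h.indexOf(']');
    return end === -1 ? h : h.slice(0, end + 1);
  }
  const colon = h.indexOf(':');
  return colon === -1 ? h : h.slice(0, colon);
}

// Returns { ok: true } or { ok: false, status: 403, reason }.
// With protection disabled (the vulnerable default) every request is accepted.
function validateRequestHeaders(headers, options = {}) {
  const {
    enableDnsRebindingProtection = false,
    allowedHosts = [],
    allowedOrigins = [],
  } = options;
  if (!enableDnsRebindingProtection) {
    return { ok: true };
  }
  // Host check: a DNS-rebound browser request carries the attacker's hostname
  // in Host, because that is the name the page was loaded from.
  const host = headers.host;
  if (!host || !allowedHosts.some((a) => normalizeHost(a) === normalizeHost(host))) {
    return { ok: false, status: 403, reason: `Invalid Host header: ${host ?? '(missing)'}` };
  }
  // Origin check: browsers send Origin on fetch() POSTs; non-browser MCP
  // clients usually send none, so a missing Origin is accepted here
  // (a policy choice of this example, not a statement about the SDK).
  const origin = headers.origin;
  if (origin !== undefined && !allowedOrigins.includes(origin.toLowerCase())) {
    return { ok: false, status: 403, reason: `Invalid Origin header: ${origin}` };
  }
  return { ok: true };
}

// Hypothetical helper: the options a server listening on `port` should use.
function hardenedOptions(port) {
  return {
    enableDnsRebindingProtection: true,
    allowedHosts: ['127.0.0.1', 'localhost', '[::1]'],
    allowedOrigins: [`http://127.0.0.1:${port}`, `http://localhost:${port}`],
  };
}

// Constructed request headers, as a browser would send them after the
// attacker's DNS name attacker.example was re-pointed at 127.0.0.1.
const rebindingRequest = {
  host: 'attacker.example',
  origin: 'http://attacker.example',
  'content-type': 'application/json',
};
// Constructed legitimate request from a local, non-browser MCP client.
const localRequest = { host: 'localhost:3000', 'content-type': 'application/json' };

function demo() {
  return {
    // default options: the rebound request is accepted (the vulnerability)
    vulnerableDefault: validateRequestHeaders(rebindingRequest).ok,
    // hardened options: the same request is rejected with 403
    hardenedAttack: validateRequestHeaders(rebindingRequest, hardenedOptions(3000)).ok,
    // hardened options still accept the legitimate local client
    hardenedLocal: validateRequestHeaders(localRequest, hardenedOptions(3000)).ok,
  };
}

console.log(demo());
```

The Host check is what defeats rebinding: the browser cannot forge a Host of localhost for a page served from attacker.example, so an allowlist of the names the server is actually addressed by is enough even when the Origin header is absent. The allowlist must include every form clients really use (127.0.0.1, localhost, [::1]), otherwise legitimate clients get 403 and the protection tends to be switched off again.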
Remediation
Upgrade @modelcontextprotocol/sdk to version 1.24.0 or higher. Whatever the version, a server exposed over HTTP should also set enableDnsRebindingProtection: true with allowedHosts and allowedOrigins that list every name clients actually use (for example 127.0.0.1, localhost and [::1], with the correct port in the origins), and should not run unauthenticated, since the unauthenticated local HTTP endpoint is the precondition this issue depends on.