GHSA-8r9q-7v3j-jr4g
Anthropic's MCP TypeScript SDK has a ReDoS vulnerability
Details
### Impact
A ReDoS vulnerability in the `UriTemplate` class allows attackers to cause denial of service. The `partToRegExp()` function generates a regex pattern with nested quantifiers (`([^/]+(?:,[^/]+)*)`) for exploded template variables (e.g., `{/id*}`, `{?tags*}`), causing catastrophic backtracking on malicious input.
**Who is affected:** MCP servers that register resource templates with exploded array patterns and accept requests from untrusted clients.
**Attack result:** An attacker sends a crafted URI via `resources/read` request, causing 100% CPU utilization, server hang/crash, and denial of service for all clients.
### Affected Versions
All versions of `@modelcontextprotocol/sdk` prior to the patched release.
### Patches
v1.25.2 contains b392f02ffcf37c088dbd114fedf25026ec3913d3 the fix modifies the regex pattern to prevent backtracking.
### Workarounds
- Avoid using exploded patterns (`{/id*}`, `{?tags*}`) in resource templates - Implement request timeouts and rate limiting - Validate URIs before processing to reject suspicious patterns
Are you affected?
Enter the version of the package you're using.
Affected packages
1.3.0 Fixed in: 1.25.2 npm install @modelcontextprotocol/sdk@1.25.2 References
- https://github.com/modelcontextprotocol/typescript-sdk/security/advisories/GHSA-cqwc-fm46-7fff [WEB]
- https://nvd.nist.gov/vuln/detail/CVE-2026-0621 [ADVISORY]
- https://github.com/modelcontextprotocol/typescript-sdk/issues/965 [WEB]
- https://github.com/modelcontextprotocol/typescript-sdk/commit/7f0cf730 [WEB]
- https://github.com/modelcontextprotocol/typescript-sdk/commit/b392f02ffcf37c088dbd114fedf25026ec3913d3 [WEB]
- https://github.com/modelcontextprotocol/typescript-sdk [PACKAGE]
- https://github.com/modelcontextprotocol/typescript-sdk/releases/tag/v1.25.2 [WEB]
- https://www.vulncheck.com/advisories/mcp-typescript-sdk-uritemplate-exploded-array-pattern-redos [WEB]