CVSS 8.8 HIGH Vulnerability

CVE-2026-42559: rmcp Streamable HTTP server transport has a DNS rebinding vulnerability


CVSS Score: 8.8
Severity: HIGH
CISA KEV: No
Impact Type: Vulnerability

📋 Vulnerability Details

CVE ID: CVE-2026-42559
Vendor: rust
Affected Product: rmcp
Vulnerability Type: Vulnerability
CVSS Score: 8.8 (HIGH)
Actively Exploited: No known exploitation
Patch Status: See Vendor Advisory
Reported By: CYBERDUDEBIVASH SENTINEL APEX Intelligence (via github_advisories)

🔬 Technical Analysis


Summary: Prior to version 1.4.0, the rmcp crate's Streamable HTTP server transport (crates/rmcp/src/transport/streamable_http_server/) did not validate the incoming Host header. This allowed a malicious public website, via a DNS rebinding attack, to send authenticated requests to an MCP server running on the victim's loopback or private-network interface — violating the MCP specification's [transport security guidance](https://modelcontextprotocol.io/specification/2025-06-18/basic/transports#security-warning).

Impact: An attacker who convinces a victim to visit a malicious page can:

• Enumerate and invoke any tool exposed by a locally-running rmcp-based MCP server.
• Read resources, prompts, and any state accessible via the MCP session.
• Trigger side effects (file writes, shell
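The mitigation the advisory points to is a Host header check on the server side, so a loopback-bound Streamable HTTP server rejects requests whose Host is a public domain that happens to resolve to 127.0.0.1. The following is an added example, not rmcp's own code: the allowlist, the helper names and the port handling are assumptions.

```rust
/// Split a Host header value into (hostname, optional port).
/// Handles the bracketed IPv6 form "[::1]:8080"; returns None when malformed.
fn split_host(host: &str) -> Option<(&str, Option<u16>)> {
    let host = host.trim();
    if host.is_empty() {
        return None;
    }
    if let Some(rest) = host.strip_prefix('[') {
        let close = rest.find(']')?;
        let (addr, tail) = (&rest[..close], &rest[close + 1..]);
        if tail.is_empty() {
            return Some((addr, None));
        }
        return Some((addr, Some(tail.strip_prefix(':')?.parse::<u16>().ok()?)));
    }
    match host.rsplit_once(':') {
        // An empty name or unbracketed IPv6 literal is not a valid Host value.
        Some((name, port)) if !name.is_empty() && !name.contains(':') => {
            Some((name, Some(port.parse::<u16>().ok()?)))
        }
        Some(_) => None,
        None => Some((host, None)),
    }
}

/// Accept the request only when Host names an allow-listed origin and, if the
/// header carries a port, the port the server listens on. A loopback-bound
/// server allows loopback names only, so a rebinding attacker's domain is
/// rejected even though it currently resolves to 127.0.0.1. Missing or
/// malformed Host headers are rejected rather than assumed to be local.
pub fn host_header_allowed(host: Option<&str>, allowed: &[&str], port: Option<u16>) -> bool {
    let (name, got_port) = match host.and_then(split_host) {
        Some(parts) => parts,
        None => return false,
    };
    if let (Some(want), Some(got)) = (port, got_port) {
        if want != got {
            return false;
        }
    }
    allowed.iter().any(|a| a.eq_ignore_ascii_case(name))
}

/// Allowlist for a loopback-bound server (constructed for this example).
pub const LOOPBACK_HOSTS: &[&str] = &["localhost", "127.0.0.1", "::1"];

fn main() {
    for h in ["localhost:8080", "[::1]:8080", "attacker.example:8080"] {
        println!("{:<24} -> {}", h, host_header_allowed(Some(h), LOOPBACK_HOSTS, Some(8080)));
    }
}
```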
