https://vulnerability.circl.lu/sightings/feedMost recent sightings.2026-05-28T19:32:43.740669+00:00Vulnerability-Lookupinfo@circl.lupython-feedgenContains only the most 10 recent sightings.https://vulnerability.circl.lu/sighting/a45a913a-3437-455e-bded-0118438c596b/exporta45a913a-3437-455e-bded-0118438c596b2026-05-28T19:32:44.071872+00:00Automation userhttps://vulnerability.circl.lu/user/automation{"uuid": "a45a913a-3437-455e-bded-0118438c596b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-42559", "type": "seen", "source": "https://gist.github.com/alon710/1478335359dc82e8637524c3acdbcdae", "content": "# GHSA-FVH2-GM75-J4J7: CVE-2026-42559: DNS Rebinding and CSRF in Model Context Protocol (MCP) HTTP Transport\n\n> **CVSS Score:** 8.8\n> **Published:** 2026-05-18\n> **Full Report:** https://cvereports.com/reports/GHSA-FVH2-GM75-J4J7\n\n## Summary\nThe Model Context Protocol (MCP) Rust SDK (`rmcp`), a transitive dependency of the `dynoxide` database proxy, contains a high-severity vulnerability in its streamable HTTP server transport. The component fails to properly validate incoming HTTP `Host` headers, permitting DNS rebinding and Cross-Origin Request Forgery (CSRF) attacks against locally running database proxies.\n\n## TL;DR\nA missing Host header validation in the rmcp HTTP transport allows attackers to execute arbitrary MCP tools on local dynoxide instances via DNS rebinding, leading to unauthenticated local database access.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CVSS Score**: 8.8\n- **EPSS Score**: 0.00018\n- **CWE ID**: CWE-346, CWE-350\n- **Attack Vector**: Network (DNS Rebinding)\n- **Exploit Status**: Proof of Concept\n- **Impact**: Data Exfiltration and Manipulation\n\n## Affected Systems\n\n- dynoxide-rs (crates.io)\n- dynoxide (npm)\n- rmcp (Model Context Protocol Rust SDK)\n- **dynoxide**: 0.9.3 - 0.9.12 (Fixed in: `0.9.13`)\n- **rmcp**: < 1.4.0 (Fixed in: `1.4.0`)\n\n## Mitigation\n\n- Upgrade the dynoxide binary to version 0.9.13 or later.\n- Upgrade the rmcp crate dependency to version 1.4.0 or later.\n- Disable the HTTP transport by using the default stdio transport (dynoxide mcp without --http).\n\n**Remediation Steps:**\n1. Identify all local installations of dynoxide.\n2. Update the dynoxide package using cargo install dynoxide-rs --force or npm update dynoxide.\n3. Verify the version by running dynoxide --version.\n4. Ensure start scripts do not include the --http flag if using older versions.\n\n## References\n\n- [NVD CVE Record: CVE-2026-42559](https://nvd.nist.gov/vuln/detail/CVE-2026-42559)\n- [RustSec Advisory: RUSTSEC-2026-0140](https://rustsec.org/advisories/RUSTSEC-2026-0140.html)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/GHSA-FVH2-GM75-J4J7) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-05-18T17:40:50.000000Z"}2026-05-18T17:40:50+00:00