A critical vulnerability, CVE-2025-49596, has been discovered in the Model Context Protocol (MCP) that affects over 200,000 servers. The vulnerability, found in the STDIO transport, allows arbitrary code execution on developer machines through a browser visit without user interaction. OX Security disclosed that the popular MCP transport lacks authentication, and the official SDKs do not sanitize command fields, leading to the execution of malicious shell commands. To mitigate this risk, running MCP servers in serverless environments like AWS Lambda is recommended, as it eliminates persistent processes and provides built-in authentication mechanisms. AI
Summary written by gemini-2.5-flash-lite from 1 source. How we write summaries →
IMPACT Mitigates critical security risks for developers using the Model Context Protocol, encouraging safer infrastructure choices.
RANK_REASON The article discusses a security vulnerability in a specific protocol and offers a solution using serverless infrastructure, fitting the 'tool' category for security advisories and infrastructure recommendations.