Intel

AIKIDO-2025-10678

rmcp is vulnerable to Cross-Site Request Forgery

Cross-Site Request Forgery Pre-CVE
Found by Aikido Intel before public disclosure or CVE publication.
Published Oct 8, 2025

25

Low Risk

This Affects:

Rust: rmcp
0.1.0 - 0.6.4
Fixed in 0.7.0

TL;DR

Affected versions of the rmcp OAuth 2.0 authorization callback do not validate a CSRF token by default. Making this token a required part of the OAuth 2.0 authorization flow secures authorization flows against cross-site request forgery by default. This is a breaking change, as it requires the user to pass a CSRF token.

Who does this affect?

If you have taken other measures against CSRF during the authorization flow, you may not be affected. Otherwise, you may be affected if you use a vulnerable version.

Background info

rmcp is vulnerable to Cross-Site Request Forgery in versions 0.1.0 - 0.6.4.

How to fix this

Upgrade the library to the fixed version (0.7.0), and pass your generated CSRF token via the handle_callback function (you also need to provide the same CSRF token via the state param at the start of the authorization flow).
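The check the fix enforces, as an added standalone example that is not rmcp's own code or API: the `state` token issued at the start of the flow is stored per session, and the callback refuses to proceed to the code exchange unless a matching, single-use `state` is presented (`PendingAuth`, `begin` and the session ids are hypothetical names constructed for this illustration).

```rust
use std::collections::HashMap;

/// Hypothetical in-memory store of pending authorizations:
/// session id -> the CSRF token sent as the OAuth 2.0 `state` param.
#[derive(Default)]
pub struct PendingAuth {
    states: HashMap<String, String>,
}

#[derive(Debug, PartialEq)]
pub enum CallbackError {
    MissingState,
    UnknownSession,
    StateMismatch,
}

/// Constant-time comparison so a mismatch does not leak, through timing,
/// how many leading bytes of the presented state were correct.
fn ct_eq(a: &[u8], b: &[u8]) -> bool {
    if a.len() != b.len() {
        return false;
    }
    a.iter().zip(b).fold(0u8, |acc, (x, y)| acc | (x ^ y)) == 0
}

impl PendingAuth {
    /// Start of the flow: remember the state for this session and put it
    /// in the authorization URL. In real use `state` comes from a CSPRNG.
    pub fn begin(&mut self, session: &str, state: &str) -> String {
        self.states.insert(session.to_string(), state.to_string());
        format!("https://auth.example/authorize?response_type=code&state={}", state)
    }

    /// Callback: the vulnerable behaviour accepted `code` without looking at
    /// `state`; here `state` is mandatory, compared against the stored token,
    /// and consumed so it cannot be replayed. Only on success is `code`
    /// handed back for the token exchange.
    pub fn handle_callback(&mut self, session: &str, code: &str, state: Option<&str>)
        -> Result<String, CallbackError>
    {
        let presented = state.ok_or(CallbackError::MissingState)?;
        let expected = self.states.remove(session).ok_or(CallbackError::UnknownSession)?;
        if !ct_eq(expected.as_bytes(), presented.as_bytes()) {
            return Err(CallbackError::StateMismatch);
        }
        Ok(code.to_string())
    }
}
```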