Intel

AIKIDO-2026-725245

mcp is vulnerable to Uncontrolled Resource Consumption

Uncontrolled Resource ConsumptionGHSA-h669-8m4g-r2hc Published Today

75

High Risk

This Affects:

RUBYmcp
0.1.0 - 0.22.0
Fixed in 0.23.0
Are you affected? Scan for Free

TL;DR

The MCP::Server::Transports::StreamableHTTPTransport reads the entire HTTP request body into a Ruby string and parses it with JSON.parse before any session validation, with no size or Content-Length limit and no bound on JSON nesting. An unauthenticated remote client can send a single oversized JSON-RPC POST that inflates the worker's memory many times over. This causes memory-exhaustion denial of service and can OOM-kill the worker. The fix caps request body reads via max_request_bytes and limits JSON nesting, rejecting oversized requests.

Who does this affect?

You are affected if you are using a version that falls within the vulnerable range and expose the Streamable HTTP transport to untrusted clients.

Background info

mcp is vulnerable to Uncontrolled Resource Consumption in versions 0.1.0 - 0.22.0.

How to fix this

Upgrade the mcp library to the patch version.