CVE-2026-0621
ReDoS Vulnerability in Anthropic MCP SDK UriTemplate Causes DoS

Publication date: 2026-01-05

Last updated on: 2026-01-05

Assigner: VulnCheck

Description
Anthropic's MCP TypeScript SDK versions up to and including 1.25.1 contain a regular expression denial of service (ReDoS) vulnerability in the UriTemplate class when processing RFC 6570 exploded array patterns. The dynamically generated regular expression used during URI matching contains nested quantifiers that can trigger catastrophic backtracking on specially crafted inputs, resulting in excessive CPU consumption. An attacker can exploit this by supplying a malicious URI that causes the Node.js process to become unresponsive, leading to a denial of service.
Meta Information
Published: 2026-01-05
Last Modified: 2026-01-05
Generated: 2026-05-27
AI Q&A: 2026-01-05
EPSS Evaluated: 2026-05-25
Affected Vendors & Products
Vendor: anthropic
Product: mcp_typescript_sdk
Version / Range: up to and including 1.25.1
CWE
CWE-1333: The product uses a regular expression with an inefficient, possibly exponential worst-case computational complexity that consumes excessive CPU cycles.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-0621 is a Regular Expression Denial of Service (ReDoS) vulnerability in the MCP TypeScript SDK's UriTemplate class. It occurs when processing exploded array patterns defined by RFC 6570, where a dynamically generated regular expression contains nested quantifiers. This causes catastrophic backtracking on specially crafted inputs, leading to excessive CPU consumption and making the Node.js process unresponsive. Attackers exploit this by sending malicious URIs that trigger the vulnerable regex, causing denial of service. [1, 2]


How can this vulnerability impact me?

This vulnerability can cause the affected server to consume 100% CPU, leading to crashes and denial of service. It results in service unavailability affecting all clients relying on the MCP server using exploded URI patterns. The Node.js process becomes unresponsive, severely degrading service availability and operational stability. Attackers need network access and MCP client permissions to exploit this. [1, 2]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by monitoring for unusually high CPU usage or unresponsive Node.js processes when handling URIs with exploded array patterns. Specifically, look for requests containing comma-separated values in URI segments matching patterns like {/id*} or {?tags*}. To detect exploitation attempts, use network monitoring tools or logs to identify suspicious URIs with multiple comma-separated values. Additionally, you can test the vulnerable regex pattern locally by running a script that calls the MCP TypeScript SDK's UriTemplate.match() method with crafted inputs containing repeated comma-separated values and observing whether the process hangs or consumes excessive CPU. Example command to test locally (Node.js):

```sh
node -e "const { UriTemplate } = require('mcp-typescript-sdk'); const template = new UriTemplate('/users{/id*}'); console.time('match'); template.match('/users/user1,user2,user3,user4,user5FAIL/'); console.timeEnd('match');"
```

If the matching takes an unusually long time or hangs, the vulnerability is present. For network detection, use tools like tcpdump or Wireshark to filter HTTP requests with suspicious URI patterns, or use log analysis to find requests with multiple comma-separated values in exploded array pattern segments. [1]


What immediate steps should I take to mitigate this vulnerability?

The immediate mitigation step is to update the vulnerable regular expression pattern in the MCP TypeScript SDK's UriTemplate class to a safer version that prevents catastrophic backtracking. Specifically, change the regex from `([^/]+(?:,[^/]+)*)` to `([^/,]+(?:,[^/,]+)*)`, which excludes commas from the character class and prevents nested quantifiers from causing excessive backtracking. Additionally, update the MCP TypeScript SDK to a version that includes this fix or apply a patch to the `typescript-sdk/src/shared/uriTemplate.ts` file to modify the regex pattern accordingly. Until the fix is applied, consider restricting or validating incoming URIs to block or sanitize requests containing suspicious exploded array patterns with multiple comma-separated values. Monitoring and rate limiting requests that match the vulnerable pattern can also help reduce the risk of exploitation. [1]

