CVE-2026-33946
Session Hijacking in MCP Ruby SDK SSE Stream (Pre
Publication date: 2026-03-27
Last updated on: 2026-04-02
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| lfprojects | mcp_ruby_sdk | to 0.9.2 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-639 | The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data. |
| CWE-384 | Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability exists in the MCP Ruby SDK's streamable_http_transport.rb implementation prior to version 0.9.2. It is a session hijacking vulnerability where an attacker who obtains a valid session ID can completely hijack the victim's Server-Sent Events (SSE) stream.
By hijacking the SSE stream, the attacker can intercept all real-time data intended for the victim.
This vulnerability was fixed in version 0.9.2 of the MCP Ruby SDK.
How can this vulnerability impact me? :
If exploited, this vulnerability allows an attacker to hijack a user's session and intercept all real-time data sent over the Server-Sent Events stream.
This can lead to unauthorized access to sensitive information transmitted in real-time, potentially compromising confidentiality and privacy.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, you should upgrade the MCP Ruby SDK to version 0.9.2 or later, which contains the patch for the session hijacking issue.