Skip to content

CVE lookup

CVE-2026-34742

Pruva has a verified reproduction for CVE-2026-34742: Go MCP SDK DNS Rebinding - Server-Side Request Forgery on AI Infrastructure. The canonical evidence record is REPRO-2026-00129.

REPRO

REPRO-2026-00129

Package

github.com/modelcontextprotocol/go-sdk · Go module

Severity

HIGH

Status

published