CVE-2026-35568 is a medium severity vulnerability with a CVSS score of 5.7. No known exploits currently, and patches are available.
Very low probability of exploitation
EPSS predicts the probability of exploitation in the next 30 days based on real-world threat data, complementing CVSS severity scores with actual risk assessment.
The java-sdk contains a DNS rebinding vulnerability. It allows an attacker to reach a locally bound or network-private java-sdk MCP server through the browser of a victim who is on the same host or on an adjacent network.
This allows an attacker to make any tool call to the server as if they were a locally running MCP connected AI agent.
Prior to 1.0.0, no Origin header validation was performed, in violation of the MCP specification (Base Protocol > Transports, 2.0.1 Security Warning):
1: Servers MUST validate the Origin header on all incoming connections to prevent DNS rebinding attacks.
When the web server that fronts the MCP server does not perform the standard Origin check (as in CORS handling), a DNS rebinding attack is possible.
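The allow-list check the specification calls for, as an added example that is not part of this advisory or of the MCP Java SDK's code. It validates both the Host and the Origin header of an incoming HTTP request: a page served from an attacker-controlled name whose DNS answer has been rebound to the local address still reaches the server with that name in both headers, so either check rejects it. It uses only the JDK; the allow-list entries, port 8080 and the hostname `rebind.attacker.example` are constructed sample values.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.HashSet;
import java.util.Locale;
import java.util.Set;

/**
 * Added example (not the MCP Java SDK's own code): allow-list validation of the
 * Host and Origin headers that an HTTP-served MCP endpoint should run before
 * handling a request. All header values used in main() are constructed samples.
 */
public final class OriginValidator {
    private final Set<String> allowedHosts = new HashSet<>();   // "host:port", lower-case
    private final Set<String> allowedOrigins = new HashSet<>(); // "scheme://host:port", canonical

    public OriginValidator(Set<String> hosts, Set<String> origins) {
        for (String h : hosts) {
            allowedHosts.add(h.trim().toLowerCase(Locale.ROOT));
        }
        for (String o : origins) {
            String canonical = normalizeOrigin(o);
            if (canonical == null) {
                throw new IllegalArgumentException("malformed allow-list origin: " + o);
            }
            allowedOrigins.add(canonical);
        }
    }

    /** True only if Host is on the allow-list and Origin, when the client sent one, is too. */
    public boolean isAllowed(String hostHeader, String originHeader) {
        // Host is mandatory in HTTP/1.1; a rebound request carries the attacker's name here.
        if (hostHeader == null || !allowedHosts.contains(hostHeader.trim().toLowerCase(Locale.ROOT))) {
            return false;
        }
        // Non-browser clients (a locally running agent) send no Origin; the Host check still applies.
        if (originHeader == null) {
            return true;
        }
        // Browsers send the literal "null" for opaque origins; normalizeOrigin rejects it (no scheme).
        String canonical = normalizeOrigin(originHeader);
        return canonical != null && allowedOrigins.contains(canonical);
    }

    /** Canonical "scheme://host:port" form, or null if the value is not a well-formed origin. */
    static String normalizeOrigin(String origin) {
        try {
            URI uri = new URI(origin.trim());
            String scheme = uri.getScheme();
            String host = uri.getHost();
            if (scheme == null || host == null) {
                return null;
            }
            scheme = scheme.toLowerCase(Locale.ROOT);
            int port = uri.getPort();
            if (port == -1) {
                port = scheme.equals("https") ? 443 : 80; // fill in the scheme's default port
            }
            return scheme + "://" + host.toLowerCase(Locale.ROOT) + ":" + port;
        } catch (URISyntaxException e) {
            return null;
        }
    }

    public static void main(String[] args) {
        // Constructed configuration: the server is only ever addressed as localhost or 127.0.0.1 on 8080.
        OriginValidator v = new OriginValidator(
                Set.of("localhost:8080", "127.0.0.1:8080"),
                Set.of("http://localhost:8080", "http://127.0.0.1:8080"));

        // Local agent: correct Host, no Origin header (accepted).
        System.out.println("local agent:        " + v.isAllowed("localhost:8080", null));
        // Browser on a legitimate local web UI (accepted).
        System.out.println("local web UI:       " + v.isAllowed("localhost:8080", "http://localhost:8080"));
        // Rebound request: the attacker's name resolves to 127.0.0.1, but both headers still carry it (rejected).
        System.out.println("rebound request:    " + v.isAllowed(
                "rebind.attacker.example:8080", "http://rebind.attacker.example:8080"));
        // Correct Host but foreign Origin, e.g. behind a rewriting proxy (rejected by the Origin check).
        System.out.println("foreign origin:     " + v.isAllowed("localhost:8080", "http://rebind.attacker.example"));
        // Opaque origin (rejected).
        System.out.println("opaque origin:      " + v.isAllowed("localhost:8080", "null"));
    }
}
```

Wire `isAllowed` into whatever request filter fronts the MCP endpoint and answer a failed check with 403 before any JSON-RPC body is parsed. Keep the allow-list explicit rather than deriving it from the bound interface: a server listening on 0.0.0.0 would otherwise accept any name that happens to resolve to it, which is exactly the condition DNS rebinding exploits.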
Some default server configurations and frameworks come with embedded Origin header validation. MCP servers built using those are not vulnerable to this issue. For example, the following are NOT vulnerable:
Any developer connecting to a malicious website can inadvertently allow an attacker to make tool calls to local or private-network MCP servers.
Users can mitigate this risk by:
Host and Origin headers.

| Vendor | Product |
|---|---|
| Lfprojects | Mcp Java Sdk |
Please cite this page when referencing data from Strobes VI. Proper attribution helps support our vulnerability intelligence research.