MCP-Framework: Large HTTP request crashes server

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

8.7

MCP-Framework: Large HTTP request crashes server

GHSA-353c-v8x9-v7c3 CVE-2026-39313 GHSA-353c-v8x9-v7c3

Summary

A large HTTP request can cause the server to run out of memory and crash. This can happen if an attacker sends a very large POST request to the server. To fix this, MCP-Framework should set a limit on the size of HTTP requests or use a more efficient way to handle large requests. Until then, server administrators should consider setting a limit on the size of HTTP requests in the MCP-Framework configuration to prevent this issue.

What to do

Update quantgeekdev mcp-framework to version 0.2.22.
Update mcp-framework to version 0.2.22.

Affected software

Ecosystem	Vendor	Product	Affected versions
npm	quantgeekdev	mcp-framework	<= 0.2.21 Fix: upgrade to 0.2.22
npm	–	mcp-framework	< 0.2.22 <= 0.2.21 Fix: upgrade to 0.2.22

Original title

MCP-Framework: Unbounded memory allocation in readRequestBody allows denial of service via HTTP transport

Original description

### Summary

The `readRequestBody()` function in `src/transports/http/server.ts` concatenates HTTP request body chunks into a string with no size limit, allowing a remote unauthenticated attacker to crash the server via memory exhaustion with a single large HTTP POST request.

### Details

**File:** `src/transports/http/server.ts`, lines 224-240

```typescript
private async readRequestBody(req: IncomingMessage): Promise<any> {
return new Promise((resolve, reject) => {
let body = '';
req.on('data', (chunk) => {
body += chunk.toString(); // No size limit
});
req.on('end', () => {
try {
const parsed = body ? JSON.parse(body) : null;
resolve(parsed);
} catch (error) {
reject(error);
}
});
req.on('error', reject);
});
}
```

A `maxMessageSize` configuration value exists in `DEFAULT_HTTP_STREAM_CONFIG` (4MB, defined in `src/transports/http/types.ts` line 124) but is never enforced in `readRequestBody()`. This creates a false sense of security.

### PoC

Local testing with 50MB POST payloads against the vulnerable `readRequestBody()` function:

| Trial | Payload | RSS growth | Time | Result |
|-------|---------|-----------|------|--------|
| 1 | 50MB | +197MB | 42ms | Vulnerable |
| 2 | 50MB | +183MB | 46ms | Vulnerable |
| 3 | 50MB | +15MB | 43ms | Vulnerable |
| 4 | 50MB | +14MB | 32ms | Vulnerable |
| 5 | 50MB | +65MB | 38ms | Vulnerable |

Reproducibility: 5/5 (100%)

### Impact

- **Denial of Service:** Any mcp-framework HTTP server can be crashed by a single large POST request to /mcp
- **No authentication required:** readRequestBody() executes before any auth checks (auth is opt-in, default is no auth)
- **Dead config:** maxMessageSize exists but is never enforced, giving a false sense of security
- **Affected:** All applications using mcp-framework HttpStreamTransport (60,000 weekly npm downloads)

**CWE-770:** Allocation of Resources Without Limits or Throttling
**Suggested CVSS 3.1:** 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

### Suggested Fix

Enforce `maxMessageSize` in `readRequestBody()`:

```typescript
private async readRequestBody(req: IncomingMessage): Promise<any> {
const maxSize = this._config.maxMessageSize || 4 * 1024 * 1024;
return new Promise((resolve, reject) => {
let body = '';
let size = 0;
req.on('data', (chunk) => {
size += chunk.length;
if (size > maxSize) {
req.destroy();
reject(new Error('Request body too large'));
return;
}
body += chunk.toString();
});
// ...
});
}
```

### Disclosure Timeline

This report follows coordinated disclosure. I request a 90-day window before public disclosure.

**Reporter:** Raza Sharif, CyberSecAI Ltd ([email protected])

ghsa CVSS4.0 8.7

Vulnerability type

CWE-770 Allocation of Resources Without Limits

Published: 16 Apr 2026 · Updated: 16 Apr 2026 · First seen: 16 Apr 2026