MCP Go SDK Fails to Validate Field Names Correctly
CVE-2026-27896
GHSA-wvj2-96wp-fq3f
Summary
The MCP Go SDK does not check the names of fields in certain protocol messages exactly. A malicious peer could send messages that other systems (proxies, policy layers, other MCP SDK implementations) would reject, leading to inconsistent handling across a security boundary. To fix this, update to MCP Go SDK v1.3.1.
What to do
- Update github.com modelcontextprotocol to version 1.3.1.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| github.com | modelcontextprotocol | <= 1.3.1 | 1.3.1 |
Original title
MCP Go SDK Vulnerable to Improper Handling of Case Sensitivity
Original description
The Go MCP SDK used Go's standard encoding/json.Unmarshal for JSON-RPC and MCP protocol message parsing. Go's standard library performs case-insensitive matching of JSON keys to struct field tags — a field tagged json:"method" would also match "Method", "METHOD", etc. Additionally, Go's standard library folds the Unicode characters ſ (U+017F) and K (U+212A) to their ASCII equivalents s and k, meaning fields like "paramſ" would match "params". This violated the JSON-RPC 2.0 specification, which defines exact field names.
#### Impact:
A malicious MCP peer may have been able to send protocol messages with non-standard field casing (e.g., "Method" instead of "method") that the SDK would silently accept. This had the potential for:
- **Bypassing intermediary inspection:** Proxies or policy layers that matched on exact field names may have failed to detect or filter these messages.
- **Cross-implementation inconsistency:** Other MCP SDKs (TypeScript, Python) use case-sensitive parsing and would reject the same messages, creating potential security-boundary confusion.
#### Fix:
Go's standard JSON unmarshaling was replaced with a case-sensitive decoder (github.com/segmentio/encoding) in commit 7b8d81c. Users are advised to update to v1.3.1 to resolve this issue.
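The folding behaviour described above, shown beside a strict top-level key check, as an added example in Go that is not the SDK's own code or its actual fix (the SDK swapped in a case-sensitive decoder; here the hardening is a hypothetical exact-name check using only the standard library):

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Request mirrors the JSON-RPC 2.0 envelope members the advisory discusses.
type Request struct {
	JSONRPC string          `json:"jsonrpc"`
	ID      int             `json:"id"`
	Method  string          `json:"method"`
	Params  json.RawMessage `json:"params,omitempty"`
}

// exactKeys is the set of member names JSON-RPC 2.0 defines for a request.
var exactKeys = map[string]bool{"jsonrpc": true, "id": true, "method": true, "params": true}

// LenientDecode is what the pre-fix SDK effectively did: encoding/json matches
// keys case-insensitively and folds ſ/K, so "Method" and "paramſ" are accepted.
func LenientDecode(raw []byte) (Request, error) {
	var r Request
	err := json.Unmarshal(raw, &r)
	return r, err
}

// StrictDecode (hypothetical hardening) rejects any top-level member whose
// name is not byte-for-byte one of the specified keys, then decodes as usual.
// Map keys are matched exactly by encoding/json, so this sees the raw names.
func StrictDecode(raw []byte) (Request, error) {
	var members map[string]json.RawMessage
	if err := json.Unmarshal(raw, &members); err != nil {
		return Request{}, err
	}
	for k := range members {
		if !exactKeys[k] {
			return Request{}, fmt.Errorf("unexpected member %q (exact names required)", k)
		}
	}
	return LenientDecode(raw)
}

func main() {
	// Constructed messages: a well-formed one, one using "Method" (wrong case),
	// and one using the long s (U+017F), which encoding/json folds to "s".
	for _, msg := range []string{
		`{"jsonrpc":"2.0","id":1,"method":"tools/list"}`,
		`{"jsonrpc":"2.0","id":2,"Method":"tools/list"}`,
		`{"jsonrpc":"2.0","id":3,"method":"tools/call","paramſ":{}}`,
	} {
		l, _ := LenientDecode([]byte(msg))
		_, serr := StrictDecode([]byte(msg))
		fmt.Printf("lenient method=%q params=%s | strict err=%v\n", l.Method, l.Params, serr)
	}
}
```

An intermediary that inspects messages by exact key name sees none of the folded variants as a "method" member, while the lenient decoder dispatches on them regardless.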
#### Credits:
MCP Go SDK thanks Francesco Lacerenza (Doyensec) for reporting this issue.
NVD CVSS 4.0 score: 7.0
Vulnerability type
CWE-178 (Improper Handling of Case Sensitivity)
CWE-436 (Interpretation Conflict)
Published: 26 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026