{"data":{"id":"aa3996fb-37d3-40fb-aab8-b0c77638b8ae","title":"Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain","summary":"Researchers discovered a critical vulnerability in Anthropic's Model Context Protocol (MCP, a system that allows AI models to interact with external tools and data) that allows attackers to run arbitrary commands on systems using vulnerable implementations. The flaw affects over 7,000 publicly accessible servers and has been found in popular AI projects like LangChain and LiteLLM, but Anthropic has declined to fix the underlying architectural issue, leaving developers responsible for protecting against it.","solution":"The source recommends several mitigations: block public IP access to sensitive services, monitor MCP tool invocations, run MCP-enabled services in a sandbox (an isolated test environment), treat external MCP configuration input as untrusted, and only install MCP servers from verified sources. Additionally, some vendors have issued patches for their specific products (LiteLLM, Bisheng, and DocsGPT are noted as patched).","labels":["security"],"sourceUrl":"https://thehackernews.com/2026/04/anthropic-mcp-design-vulnerability.html","publishedAt":"2026-04-20T10:42:00.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"critical","attackType":["supply_chain"],"issueType":"news","affectedPackages":null,"affectedVendors":["Anthropic","LangChain","LlamaIndex"],"affectedVendorsRaw":["Anthropic","MCP","LiteLLM","LangChain","LangFlow","Flowise","LettaAI","LangBot","GPT Researcher","Agent Zero","Fay Framework","Bisheng","Langchain-Chatchat","Jaaz","Upsonic","Windsurf","DocsGPT","MCP Inspector","LibreChat","WeKnora","Cursor"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-04-20T10:42:00.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity","availability"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}