MCP: Untrusted Servers and Confused Clients, Plus a Sneaky Exploit
Summary
The Model Context Protocol (MCP) is a system that lets AI applications discover and use external tools from servers at runtime (while the program is running). However, MCP has a security weakness: because servers can send instructions through the tool descriptions, they can perform prompt injection (tricking an AI by hiding instructions in its input) to control the AI client, making servers more powerful than they should be.
Classification
Related Issues
CVE-2026-30308: In its design for automatic terminal command execution, HAI Build Code Generator offers two options: Execute safe comman
CVE-2026-40087: LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.84 and 1.2.28, LangChain's f-str
Original source: https://embracethered.com/blog/posts/2025/model-context-protocol-security-risks-and-exploits/
First tracked: February 12, 2026 at 02:20 PM
Classified by LLM (prompt v3) · confidence: 75%