Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2025-64443

Good to know:

icon
icon

Date: December 3, 2025

MCP Gateway allows easy and secure running and deployment of MCP servers. In versions 0.27.0 and earlier, when MCP Gateway runs in sse or streaming transport mode, it is vulnerable to DNS rebinding. An attacker who can get a victim to visit a malicious website or be served a malicious advertisement can perform browser-based exploitation of MCP servers executing behind the gateway, including manipulating tools or other features exposed by those MCP servers. MCP Gateway is not affected when running in the default stdio mode, which does not listen on network ports. Version 0.28.0 fixes this issue.

Severity Score

Related Resources (8)

https://github.com/docker/mcp-gateway
https://github.com/docker/mcp-gateway/commit/6b076b2479d8d1345c50c112119c62978d46858e
https://modelcontextprotocol.io/specification/2025-06-18/basic/transports#security-warning
https://github.com/docker/mcp-gateway/commit/fe073985c8eb6e0c9317d2f198c07686f70ea06d
https://github.com/docker/mcp-gateway/pull/190
https://github.com/docker/mcp-gateway/security/advisories/GHSA-46gc-mwh4-cc5r
https://nvd.nist.gov/vuln/detail/CVE-2025-64443
https://www.mend.io/vulnerability-database/CVE-2025-64443

Severity Score

Weakness Type (CWE)

Exposed Dangerous Method or Function

CWE-749

Top Fix

icon

Upgrade Version

Upgrade to version github.com/docker/mcp-gateway - v0.28.0;https://github.com/docker/mcp-gateway.git - v0.28.0

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): REQUIRED
Scope (S): CHANGED
Confidentiality (C): LOW
Integrity (I): HIGH
Availability (A): NONE

Do you need more information?

Contact Us