#sdk-vulnerability

MCP STDIO Executes Even When the Server Fails: One Design Decision, 14 CVEs, 30+ RCEs

[OX Security's April 2026 advisory](/articles/vercels-april-2026-database-leak-pivoted-from-lumma-stealer-at-context-ai-via/) traces 14 CVEs and 30+ RCEs across LiteLLM, Flowise, and Cursor to one MCP STDIO behavior: the command field executes before handshake.