Unbounded session retention in StreamableHTTPTransport allows memory exhaustion via initialize flood
Published: July 07, 2026
SECURITY IDENTIFIERS
- GHSA: GHSA-52jp-gj8w-j6xh
- Vendor Advisory: https://github.com/modelcontextprotocol/ruby-sdk/security/advisories/GHSA-52jp-gj8w-j6xh
GEM
SEVERITY
CVSS v3.x: 5.3 (Medium)
PATCHED VERSIONS
>= 0.23.0
DESCRIPTION
Summary
In its default configuration, MCP::Server::Transports::StreamableHTTPTransport never expires sessions. Every successful initialize request stores a new ServerSession and a session record under a fresh UUID, and the only path that removes them is an explicit client-issued HTTP DELETE. An unauthenticated attacker can repeatedly initialize new sessions and immediately disconnect, forcing the server to retain an unbounded number of ServerSession objects until memory is exhausted.
