
CVE-2026-0621: CWE-1333 Inefficient Regular Expression Complexity in Anthropic MCP TypeScript SDK

Severity: High
Tags: Vulnerability, CVE-2026-0621, CWE-1333
Published: Mon Jan 05 2026 (01/05/2026, 20:57:14 UTC)
Source: CVE Database V5
Vendor/Project: Anthropic
Product: MCP TypeScript SDK

Description

CVE-2026-0621 is a high-severity ReDoS vulnerability in Anthropic's MCP TypeScript SDK (up to and including version 1.25.1) affecting the UriTemplate class. The vulnerability arises from inefficient regular expression handling of RFC 6570 exploded array patterns, causing catastrophic backtracking and excessive CPU usage. An attacker can exploit this by sending a malicious URI to a vulnerable Node.js process, resulting in denial of service without requiring authentication or user interaction. No known exploits are currently reported in the wild. This vulnerability impacts availability by making services unresponsive. European organizations using this SDK in web services or APIs are at risk, especially those in countries with strong tech sectors and Node.js adoption.

AI-Powered Analysis

Last updated: 01/12/2026, 21:38:49 UTC

Technical Analysis

CVE-2026-0621 identifies a regular expression denial of service (ReDoS) vulnerability in the MCP TypeScript SDK developed by Anthropic, specifically in versions up to and including 1.25.1. The vulnerability exists within the UriTemplate class, which processes URI templates compliant with RFC 6570, focusing on exploded array patterns. The underlying issue is that the dynamically generated regular expressions used for URI matching contain nested quantifiers, a pattern known to cause catastrophic backtracking when processing specially crafted inputs. This excessive backtracking leads to exponential CPU consumption, causing the Node.js process running the SDK to become unresponsive and effectively denying service. The vulnerability can be triggered remotely by an unauthenticated attacker who supplies a malicious URI, requiring no user interaction. The CVSS 4.0 base score is 8.7, indicating a high severity due to network attack vector, no required privileges or user interaction, and a high impact on availability. No patches or fixes are currently linked, and no known exploits have been reported in the wild. The vulnerability falls under CWE-1333, which relates to inefficient regular expression complexity leading to performance degradation. This vulnerability is particularly critical for applications exposing APIs or web services that utilize the MCP TypeScript SDK for URI processing, as it can be weaponized to cause denial of service conditions remotely.

Potential Impact

The primary impact of CVE-2026-0621 is on the availability of services using the vulnerable MCP TypeScript SDK, as exploitation causes excessive CPU usage leading to service unresponsiveness or crashes. For European organizations, especially those relying on Node.js-based web services, APIs, or microservices that incorporate this SDK for URI template processing, this vulnerability could lead to significant downtime, degraded user experience, and potential loss of business continuity. Industries such as finance, e-commerce, telecommunications, and public sector entities that depend on reliable API services are particularly at risk. Additionally, denial of service attacks can be leveraged as part of larger multi-vector attacks or to distract from other malicious activities. The lack of authentication or user interaction requirements lowers the barrier for attackers, increasing the likelihood of exploitation attempts. Although no known exploits are reported yet, the high CVSS score and ease of exploitation suggest that threat actors may develop exploits rapidly. This could also impact cloud service providers and SaaS platforms hosting European customers if they use the vulnerable SDK internally.

Mitigation Recommendations

1. Immediate mitigation involves updating the MCP TypeScript SDK to a patched version once released by Anthropic. Monitor official channels for patch announcements.
2. Until a patch is available, implement strict input validation and sanitization on all URIs processed by the application to detect and reject suspicious or malformed URI templates, especially those containing exploded array patterns.
3. Employ rate limiting and throttling on API endpoints that utilize the vulnerable SDK to reduce the risk of resource exhaustion from repeated malicious requests.
4. Use runtime monitoring and alerting to detect abnormal CPU usage spikes or process unresponsiveness indicative of ReDoS attacks.
5. Consider deploying Web Application Firewalls (WAFs) with custom rules to block known malicious URI patterns targeting this vulnerability.
6. Conduct code reviews and static analysis focusing on regular expression usage in URI processing to identify and remediate inefficient patterns.
7. For critical services, isolate vulnerable components in separate containers or sandboxes to limit the blast radius of potential DoS attacks.
8. Educate development teams about secure regular expression practices and the risks of ReDoS vulnerabilities.
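The following is an added example written for this page; it is not code from the MCP TypeScript SDK and does not reproduce the SDK's actual UriTemplate regex. It serves two points above: the CWE-1333 shape named in the technical analysis (a quantified group whose body also carries an unbounded quantifier, the nested-quantifier pattern behind catastrophic backtracking) and mitigation steps 2 and 6 (input caps and review-time regex checks). `findNestedQuantifiers` is a conservative star-height heuristic in the spirit of tools such as `safe-regex`: it flags every nesting of unbounded quantifiers, and a reviewer then decides whether the inner and outer repetitions can actually match the same text. `guardedTest` is a hypothetical runtime wrapper that refuses flagged patterns and caps input length before matching. The sample patterns are constructed for illustration.

```javascript
// Added example for CVE-2026-0621 (CWE-1333), not the SDK's own code.
// Heuristic: flag a group quantified by *, + or {n,} whose body also
// contains *, + or {n,}. Names and sample patterns are assumptions.

// Parse a quantifier starting at index i of a regex source, if one is there.
function quantifierAt(src, i) {
  const ch = src[i];
  if (ch === '*' || ch === '+') {
    return { len: src[i + 1] === '?' ? 2 : 1, unbounded: true }; // lazy forms count too
  }
  if (ch === '?') return { len: 1, unbounded: false };
  if (ch === '{') {
    const m = /^\{(\d+)(,(\d*))?\}/.exec(src.slice(i));
    // {n,} is unbounded; {n} and {n,m} are bounded
    if (m) return { len: m[0].length, unbounded: m[2] !== undefined && m[3] === '' };
  }
  return null;
}

// Return the source text of every quantified group whose body also carries
// an unbounded quantifier (star height > 1).
function findNestedQuantifiers(source) {
  const findings = [];
  const stack = [];   // currently open groups: { start, inner }
  let closed = null;  // group just closed, waiting to see its own quantifier
  let i = 0;
  while (i < source.length) {
    const ch = source[i];
    if (ch === '\\') { i += 2; closed = null; continue; }  // escaped atom
    if (ch === '[') {                                       // a character class is one atom
      i += 1;
      if (source[i] === '^') i += 1;
      if (source[i] === ']') i += 1;                        // leading ] is literal
      while (i < source.length && source[i] !== ']') i += source[i] === '\\' ? 2 : 1;
      i += 1; closed = null; continue;
    }
    if (ch === '(') { stack.push({ start: i, inner: false }); i += 1; closed = null; continue; }
    if (ch === ')') {
      closed = stack.pop();
      // an unbounded quantifier inside this group is also inside its parent
      if (closed && closed.inner && stack.length) stack[stack.length - 1].inner = true;
      i += 1; continue;
    }
    const q = quantifierAt(source, i);
    if (q) {
      if (q.unbounded) {
        if (closed && closed.inner) findings.push(source.slice(closed.start, i + q.len));
        if (stack.length) stack[stack.length - 1].inner = true;
      }
      i += q.len; closed = null; continue;
    }
    i += 1; closed = null;                                  // ordinary literal atom
  }
  return findings;
}

// Hypothetical runtime guard: refuse a flagged pattern outright, and cap the
// input length so even a slow pattern is never fed a long attacker string.
function guardedTest(pattern, input, maxLen = 2048) {
  const nested = findNestedQuantifiers(pattern.source);
  if (nested.length > 0) return { ok: false, reason: `nested quantifier ${nested[0]}` };
  if (input.length > maxLen) return { ok: false, reason: 'input exceeds length cap' };
  return { ok: true, matched: pattern.test(input) };
}

// Constructed review inputs (not the SDK's patterns): one path matcher with
// star height 1, and one list matcher with the nested shape.
const SAFE_PATH = /^\/files\/[^\/]+$/;
const NESTED_LIST = /^\/files\/(?:[^\/,]*,?)*$/;

console.log(findNestedQuantifiers(SAFE_PATH.source));   // []
console.log(findNestedQuantifiers(NESTED_LIST.source)); // [ '(?:[^\\/,]*,?)*' ]
console.log(guardedTest(SAFE_PATH, '/files/report.pdf'));
console.log(guardedTest(NESTED_LIST, '/files/a,b'));
```

The heuristic is deliberately conservative: `(?:,[^,]+)*` would be flagged even though its literal separator makes it unambiguous, so the output is a review queue rather than a verdict. The length cap is the cheap defence that does not depend on getting the regex right; pick a limit that covers every legitimate URI the service expects.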


Technical Details

Data Version
5.2
Assigner Short Name
VulnCheck
Date Reserved
2026-01-05T19:41:59.356Z
Cvss Version
4.0
State
PUBLISHED

Threat ID: 695c28263839e441759152d9

Added to database: 1/5/2026, 9:07:50 PM

Last enriched: 1/12/2026, 9:38:49 PM

Last updated: 2/7/2026, 12:22:06 AM

