Key Findings

- Critical "by design" vulnerability in Anthropic's Model Context Protocol (MCP) architecture enables remote code execution (RCE) on any system running vulnerable MCP implementations
- Unsafe defaults in STDIO transport interface configuration allow attackers to execute arbitrary OS commands and access sensitive data, API keys, and chat histories
- Vulnerability affects over 7,000 publicly accessible servers and software packages totaling more than 150 million downloads
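
A defender-side check for the STDIO configuration risk described above, as an added example that is not from the original report: each STDIO server entry names an OS command the client will spawn, so the script audits those entries against an allowlist and a few risky patterns. The `mcpServers`/`command`/`args` layout follows the JSON convention used by common MCP clients and is an assumption here; the sample entries, paths and allowlist are constructed.

```python
import json
import os

# Commands that interpret or download code named in their arguments.
SHELLS = {"sh", "bash", "zsh", "dash", "cmd", "cmd.exe", "powershell", "powershell.exe", "pwsh"}
FETCH_AND_RUN = {"npx", "uvx"}
SHELL_META = set(";|&`$<>")

def audit_mcp_config(config, allowed_commands):
    """Return (server_name, finding) tuples for STDIO entries in the config."""
    findings = []
    for name, entry in config.get("mcpServers", {}).items():
        command = entry.get("command")
        if command is None:
            continue  # no local process is spawned (e.g. a URL-based transport)
        base = os.path.basename(command.replace("\\", "/")).lower()
        args = [str(a) for a in entry.get("args", [])]
        if command not in allowed_commands:
            findings.append((name, "command not on allowlist: " + command))
        if base in SHELLS:
            findings.append((name, "shell interpreter used as server command"))
        # A leading "@" is an npm scope; any later "@" marks a pinned version.
        if base in FETCH_AND_RUN and not any("@" in a.lstrip("@") for a in args):
            findings.append((name, "package launcher without a pinned version"))
        if any(SHELL_META & set(a) for a in args):
            findings.append((name, "shell metacharacters in arguments"))
    return findings

# Constructed sample configuration (hypothetical servers and paths).
SAMPLE = json.loads("""
{"mcpServers": {
  "files":  {"command": "/opt/mcp/bin/files-server", "args": ["--root", "/srv/docs"]},
  "helper": {"command": "bash", "args": ["-c", "echo started; ./run-server"]},
  "search": {"command": "npx", "args": ["-y", "@example/search-mcp"]},
  "remote": {"url": "https://mcp.example.invalid/sse"}
}}
""")

# Constructed allowlist: only reviewed, absolute-path server binaries.
ALLOWED = {"/opt/mcp/bin/files-server"}

if __name__ == "__main__":
    for server, finding in audit_mcp_config(SAMPLE, ALLOWED):
        print(f"{server}: {finding}")
```
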