MCP Java SDK has a Hardcoded Wildcard CORS (Access-Control-Allow-Origin: *)
Hardcoded Wildcard CORS (Access-Control-Allow-Origin: * )
Advisories for Maven/Io.modelcontextprotocol.sdk/Mcp-Core package
2026
Hardcoded Wildcard CORS (Access-Control-Allow-Origin: * )