Advisories for Npm/Mcp-Handler package

2026

mcp-handler has a tool response leak across concurrent client sessions ('Race Condition')

mcp-handler versions prior to 1.1.0 accepted @modelcontextprotocol/sdk < 1.26.0 as a peer dependency. That SDK version contains a vulnerability (CVE-2026-25536) that causes concurrent requests from different clients to share server-side state, including authentication context and tool execution results, when a StreamableHTTPServerTransport instance is reused across requests. Note: this is not a vulnerability in mcp-handler itself; the root cause is in the peer dependency @modelcontextprotocol/sdk.