CVE-2026-55604

Arikusi · DeepSeek MCP Server

The DeepSeek MCP Server is susceptible to an authorization bypass, allowing unauthenticated attackers to manipulate user-controlled keys to access unauthorized resources.

Executive summary

An authorization bypass vulnerability in the DeepSeek MCP Server could allow unauthenticated attackers to gain unauthorized access to sensitive system functions.

Vulnerability

This vulnerability (CWE-639) stems from improper authorization checks where user-controlled keys can be manipulated to bypass access controls. The issue is reachable via network-based vectors without requiring authentication from the attacker.

Business impact

By bypassing authorization, an attacker may access or modify system data that should be restricted, leading to potential data leakage or unauthorized configuration changes. The CVSS score of 8.6 reflects the significant risk posed by this vulnerability, as it effectively negates the intended security boundaries of the server, leading to potential system-wide compromise.

Remediation

Immediate Action: Update the DeepSeek MCP Server to version 1.7.0 or newer to address the authorization bypass flaw.

Proactive Monitoring: Monitor application logs for unauthorized API calls or unexpected access to administrative resources from non-privileged accounts.

Compensating Controls: Ensure the server is placed behind a robust firewall and, if possible, implement additional authentication layers (e.g., mTLS) to restrict access to the service.

Exploitation status

Public Exploit Available: false

Analyst recommendation

Users of the DeepSeek MCP Server should treat this vulnerability as critical. The ability to bypass authorization without credentials presents a severe risk to data confidentiality and should be remediated through an immediate update to the latest patched version.