DeepSeek MCP Server is an MCP server for DeepSeek V4. Starting in version 1.4.2 and prior to version 1.7.0, the process-global `SessionStore` accepts caller-supplied `session_id` values without binding them to any authenticated principal or transport session. An attacker can enumerate active session IDs via `deepseek_sessions`, then reuse a victim-controlled `session_id` in `deepseek_chat` to retrieve and continue the victim's conversation context. Version 1.7.0 contains a patch.

Project Subscriptions

Vendors Products
Arikusi Subscribe
Deepseek-mcp-server Subscribe
Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Fri, 10 Jul 2026 10:15:00 +0000

Type Values Removed Values Added
First Time appeared Arikusi
Arikusi deepseek-mcp-server
Vendors & Products Arikusi
Arikusi deepseek-mcp-server

Thu, 09 Jul 2026 21:45:00 +0000

Type Values Removed Values Added
Description DeepSeek MCP Server is an MCP server for DeepSeek V4. Starting in version 1.4.2 and prior to version 1.7.0, the process-global `SessionStore` accepts caller-supplied `session_id` values without binding them to any authenticated principal or transport session. An attacker can enumerate active session IDs via `deepseek_sessions`, then reuse a victim-controlled `session_id` in `deepseek_chat` to retrieve and continue the victim's conversation context. Version 1.7.0 contains a patch.
Title @arikusi/deepseek-mcp-server has an Authorization Bypass Through User-Controlled Key
Weaknesses CWE-639
References
Metrics cvssV3_1

{'score': 8.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L'}


Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-07-09T21:13:15.713Z

Reserved: 2026-06-16T23:31:22.445Z

Link: CVE-2026-55604

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-10T13:00:17Z

Weaknesses