Model Context Protocol overhaul introduces new security challenges for developers

A significant update to the Model Context Protocol (MCP) is set to be released next month, addressing long-standing security vulnerabilities but simultaneously introducing new attack surfaces for developers to manage, according to a report by Akamai Technologies. The MCP 2026-07-28 specification, the most substantial architectural change since its inception, aims to transition the protocol from a single-user tool to an enterprise-scale, cloud-native platform, as reported by Silicon Angle.

The MCP 2026-07-28 specification removes protocol-level security risks found in earlier versions, such as stateful initialization and server-initiated prompts, and mandates OAuth 2.1, thereby enhancing authentication security. However, this shift places greater responsibility on developers and platform operators. New risks include the potential for attackers to hijack workflows or access unauthorized data by manipulating client-held state objects due to statelessness, according to Akamai. The introduction of a new _meta object allows attackers to inject malicious key-value pairs for privilege escalation. Mismatches between MCP HTTP headers and JSON-RPC bodies can bypass security controls, and the mapping of sensitive data into HTTP headers exposes secrets. Furthermore, MCP Apps introduce cross-site scripting risks within AI applications, potentially leading to deceptive content and data phishing.

A denial-of-service vector, termed "hit-and-run" task abuse, allows attackers to initiate costly operations that consume server resources without user interaction, Akamai reported. The security of MCP deployments now hinges on the implementation by developers, who must treat client-supplied data as untrusted, enforce cryptographic verification, and set resource quotas.

Source: Silicon Angle