Because Anthropic formally declined to patch the root cause of the disclosed RCE vulnerabilities at the protocol level, every downstream MCP framework that inherited the reference SDK design also inherited the flaw — making server-level hardening the primary line of defense across an ecosystem with over 150 million package downloads in scope.