2885 matches found
EUVD-2025-24359
Malicious code in bioql PyPI...
EUVD-2025-14007
Malicious code in bioql PyPI...
EUVD-2025-21508
Malicious code in bioql PyPI...
EUVD-2022-26830
Malicious code in bioql PyPI...
EUVD-2024-18618
Malicious code in bioql PyPI...
EUVD-2022-41864
Malicious code in bioql PyPI...
EUVD-2025-29621
Malicious code in bioql PyPI...
EUVD-2024-52871
Malicious code in bioql PyPI...
EUVD-2025-21509
Malicious code in bioql PyPI...
EUVD-2023-26099
Malicious code in bioql PyPI...
server-sqli
This is a PoC exploit for CVE-YYYY-NNNN, an intentional SQL inje...
Security Bulletin: IBM OpenPages is affected by multiple security vulnerabilities of DB2 Database Server (July 2025)
Summary: IBM® Db2® Database Server is shipped as a supporting program of IBM OpenPages. Information about security vulnerabilities affecting IBM Db2 Database Server has been published in multiple security bulletins. Vulnerability Details: Refer to the security bulletins listed in the...
Access Control Bypass
Overview: @executeautomation/database-server is an MCP server for interacting with SQLite and SQL Server databases by ExecuteAutomation. Affected versions of this package are vulnerable to Access Control Bypass in the readquery tool. An attacker can gain unauthorized access to sensitive data and...
@shadypixel/mssql-mcp (=1.0.0) potentially affected by CVE-2025-59333 via @executeautomation/database-server (=1.1.0)
@executeautomation/database-server NPM version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on @executeautomation/database-server and may be impacted:
- @shadypixel/mssql-mcp =1.0.0
Source cves: CVE-2025-59333
Source advisory:...
@executeautomation/database-server does not properly restrict access, bypassing a "read-only" mode
The MCP Server provided by ExecuteAutomation at https://github.com/executeautomation/mcp-database-server provides an MCP interface for agentic workflows to interact with different kinds of database servers such as PostgreSQL database. However, the mcp-database-server MCP Server distributed via th...
GHSA-65HM-PWJ5-73PW @executeautomation/database-server does not properly restrict access, bypassing a "read-only" mode
The MCP Server provided by ExecuteAutomation at https://github.com/executeautomation/mcp-database-server provides an MCP interface for agentic workflows to interact with different kinds of database servers such as PostgreSQL database. However, the mcp-database-server MCP Server distributed via th...
CVE-2025-59333 @executeautomation/database-server does not properly restrict access, bypassing a "read-only" mode
The mcp-database-server MCP Server 1.1.0 and earlier, as distributed via the npm package @executeautomation/database-server, fails to implement adequate security controls to properly enforce a "read-only" mode. This vulnerability affects only the npm distribution; other distributions are not...
PT-2025-37998
Name of the Vulnerable Software and Affected Versions: mcp-database-server MCP Server versions 1.1.0 and earlier
Description: The mcp-database-server MCP Server distributed via the npm package @executeautomation/database-server does not implement adequate security controls to enforce read-only...