PT-2026-51281
Name of the Vulnerable Software and Affected Versions Apache Doris MCP Server versions prior to 0.6.1 Description A SQL injection exists in a metadata query path where a user-controlled database name is directly interpolated into a SQL query. The query is executed without the caller's authorizati...