73 matches found

Snyk, added 2026/05/14 6:25 p.m.

Insertion of Sensitive Information Into Sent Data

Overview: dbt-mcp is a MCP (Model Context Protocol) server for interacting with dbt resources. Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data in the emittoolcalledevent process, which serializes and transmits all tool arguments, including...

CVSS 3.1, AI score 5.8; Exploits 0, References 2
OSV, added 2026/05/14 6:24 p.m.

GHSA-7XGW-6QF3-7W59 dbt MCP Server Logs Tool Arguments Including SQL Queries and Credentials in Plaintext Without Redaction When File Logging Is Enabled

Discovered through manual source code review. Verified by PoC execution against a local dbt-mcp v1.15.1 installation. Summary: DbtMCP.call_tool in src/dbt_mcp/mcp/server.py logs the complete raw arguments dictionary at INFO level on every tool invocation (line 67) and again at ERROR level if the call...

CVSS 2.5, AI score 6; Exploits 0, References 3
Snyk, added 2026/05/14 6:24 p.m.

Arbitrary Argument Injection

Overview: dbt-mcp is a MCP (Model Context Protocol) server for interacting with dbt resources. Affected versions of this package are vulnerable to Arbitrary Argument Injection via the node_selection or resource_type parameters in the rundbtcommand process. An attacker can override configuration fil...

CVSS 7.2, AI score 6; Exploits 0, References 2
OSV, added 2026/05/14 6:24 p.m.

GHSA-XPWW-F6PM-CFHQ dbt MCP Server has an Argument Injection in dbt CLI Tool Wrappers via node_selection and resource_type Parameters

Discovered through manual source code review. Verified by PoC execution against a local dbt-mcp v1.15.1 installation. Summary: rundbtcommand in src/dbt_mcp/dbtcli/tools.py constructs the dbt subprocess argument list by appending user-supplied MCP tool parameters without sanitization. Two independen...

CVSS 6.3, AI score 6.1; Exploits 0, References 3
Github Security Blog, added 2026/05/14 6:24 p.m.

dbt MCP Server has an Argument Injection in dbt CLI Tool Wrappers via node_selection and resource_type Parameters

Discovered through manual source code review. Verified by PoC execution against a local dbt-mcp v1.15.1 installation. Summary: rundbtcommand in src/dbt_mcp/dbtcli/tools.py constructs the dbt subprocess argument list by appending user-supplied MCP tool parameters without sanitization. Two independen...

AI score 6.1; Exploits 0, References 3, Affected Software 1
Positive Technologies, added 2026/05/14 12:00 a.m.

PT-2026-41149

Discovered through manual source code review. Verified by PoC execution against a local dbt-mcp v1.15.1 installation. Summary: DbtMCP.call_tool in src/dbt_mcp/mcp/server.py logs the complete raw arguments dictionary at INFO level on every tool invocation (line 67) and again at ERROR level if the cal...

CVSS 2.5, AI score 6; Exploits 0, References 4
Circl, added 2026/05/13 3:01 p.m.

CVE-2026-44970

creationtimestamp | type | source
---|---|---
2026-05-13 15:01:46+00:00 | published-proof-of-concept | https://github.com/dbt-labs/dbt-mcp/security/advisories/GHSA-jj54-r8gm-2fcf...

AI score 5.8; Exploits 0, References 1
Circl, added 2026/05/13 3:01 p.m.

CVE-2026-44968

creationtimestamp | type | source
---|---|---
2026-05-13 15:01:21+00:00 | published-proof-of-concept | https://github.com/dbt-labs/dbt-mcp/security/advisories/GHSA-xpww-f6pm-cfhq...

AI score 5.8; Exploits 0, References 1
NVD, added 2026/04/07 8:16 p.m.

CVE-2026-39382

dbt enables data analysts and engineers to transform their data using the same practices that software engineers use to build applications. Inside the reusable workflow dbt-labs/actions/blob/main/.github/workflows/open-issue-in-repo.yml, the prep job uses peter-evans/find-comment to search for an...

CVSS 9.3, EPSS 0.00022; Exploits 0, References 2
ATTACKERKB, added 2026/04/07 7:56 p.m.

CVE-2026-39382

dbt enables data analysts and engineers to transform their data using the same practices that software engineers use to build applications. Inside the reusable workflow dbt-labs/actions/blob/main/.github/workflows/open-issue-in-repo.yml, the prep job uses peter-evans/find-comment to search for an...

CVSS 9.3, AI score 6, EPSS 0.00022; Exploits 0, References 3
RedhatCVE, added 2026/03/08 1:44 a.m.

CVE-2026-29790

dbt-common is the shared common utilities that dbt-core and adapter implementations use. Prior to versions 1.34.2 and 1.37.3, a path traversal vulnerability exists in dbt-common's safe_extract function used when extracting tarball archives. The function uses os.path.commonprefix to validate that...

CVSS 5.3, AI score 5.7, EPSS 0.00097; Exploits 0, References 1
vulnersOsv, added 2026/03/06 10:54 p.m.

dbt-databricks (>=1.11.1 <=1.11.3) potentially affected by CVE-2026-29790 via dbt-common (=1.36.0)

dbt-common PYPI version =1.36.0 is affected by a known vulnerability. The following packages have a transitive dependency on dbt-common and may be impacted: dbt-databricks =1.11.1, =1.11.3. Source cves: CVE-2026-29790. Source advisory: SNYK:PYTHON-DBTCOMMON-15440507...

CVSS 5.3, AI score 5.8, EPSS 0.00097; Exploits 0
vulnersOsv, added 2026/03/06 10:54 p.m.

acdc-aws-etl-pipeline (>=0.1.7 <=0.5.9), airflow-dbt-python (=2.1.0) +48 more potentially affected by CVE-2026-29790 via dbt-common (>=1.0.0b2 <=1.33.0)

dbt-common PYPI version =1.0.0b2, =0.1.7, =0.1.5, =0.21.7, =0.0.1rc1, =0.1.0a1, =1.0.9, =1.8.0, =1.8.0, =1.8.0, =1.8.0, =2.0.0rc1 and more. Source cves: CVE-2026-29790. Source advisory: SNYK:PYTHON-DBTCOMMON-15440507...

CVSS 5.3, AI score 5.8, EPSS 0.00097; Exploits 0
Snyk, added 2026/03/06 10:54 p.m.

Directory Traversal

Overview: dbt-common is the shared common utilities that dbt-core and adapter implementations use. Affected versions of this package are vulnerable to Directory Traversal via the safe_extract function. An attacker can write files outside the intended extraction directory by supplying a malicious...

CVSS 5.3, AI score 6.2, EPSS 0.00097; Exploits 0, References 2
NVD, added 2026/03/06 9:16 p.m.

CVE-2026-29790

dbt-common is the shared common utilities that dbt-core and adapter implementations use. Prior to versions 1.34.2 and 1.37.3, a path traversal vulnerability exists in dbt-common's safe_extract function used when extracting tarball archives. The function uses os.path.commonprefix to validate that...

CVSS 5.3, EPSS 0.00097; Exploits 0, References 3
Cvelist, added 2026/03/06 8:37 p.m.

CVE-2026-29790 dbt-common: commonprefix() doesn't protect against path traversal

dbt-common is the shared common utilities that dbt-core and adapter implementations use. Prior to versions 1.34.2 and 1.37.3, a path traversal vulnerability exists in dbt-common's safe_extract function used when extracting tarball archives. The function uses os.path.commonprefix to validate that...

CVSS 2, EPSS 0.00097; Exploits 0, References 3
CVE, added 2026/03/06 8:37 p.m.

CVE-2026-29790

dbt-common is affected by CVE-2026-29790 due to a path-traversal vulnerability in safe_extract() that uses os.path.commonprefix() for extraction path validation. Because commonprefix() compares paths character-by-character rather than by path components, a malicious tarball could write files outs...

CVSS 5.3, AI score 5.7, EPSS 0.00097; Exploits 0, References 3, Affected Software 1
Vulnrichment, added 2026/03/06 8:37 p.m.

CVE-2026-29790 dbt-common: commonprefix() doesn't protect against path traversal

dbt-common is the shared common utilities that dbt-core and adapter implementations use. Prior to versions 1.34.2 and 1.37.3, a path traversal vulnerability exists in dbt-common's safe_extract function used when extracting tarball archives. The function uses os.path.commonprefix to validate that...

CVSS 2, AI score 5.7, EPSS 0.00097; Exploits 0, References 3
OSV, added 2026/03/06 8:37 p.m.

CVE-2026-29790 dbt-common: commonprefix() doesn't protect against path traversal

dbt-common is the shared common utilities that dbt-core and adapter implementations use. Prior to versions 1.34.2 and 1.37.3, a path traversal vulnerability exists in dbt-common's safe_extract function used when extracting tarball archives. The function uses os.path.commonprefix to validate that...

CVSS 2, AI score 5.7, EPSS 0.00097; Exploits 0, References 5
ATTACKERKB, added 2026/03/06 8:37 p.m.

CVE-2026-29790

dbt-common is the shared common utilities that dbt-core and adapter implementations use. Prior to versions 1.34.2 and 1.37.3, a path traversal vulnerability exists in dbt-common's safe_extract function used when extracting tarball archives. The function uses os.path.commonprefix to validate that...

CVSS 2, AI score 5.7, EPSS 0.00097; Exploits 0, References 4, Affected Software 1