18 matches found
CVE-2026-44969
dbt-mcp is a Model Context Protocol server for interacting with dbt. Prior to 1.17.1, DbtMCP.calltool in src/dbtmcp/mcp/server.py logged the raw arguments dictionary at INFO level before each tool call and at ERROR level on exceptions, and configurefilelogging wrote those records to dbt-mcp.log...
CVE-2026-44970
dbt-mcp is a Model Context Protocol server for interacting with dbt. Prior to 1.17.1, DefaultUsageTracker.emittoolcalledevent in src/dbtmcp/tracking/tracking.py serialized every MCP tool call's complete arguments dictionary and sent it through dbtlabsvortex.producer.logproto without redaction,...
CVE-2026-44969 dbt-mcp: Tool Arguments Including SQL Queries and Credentials Logged in Plaintext Without Redaction When File Logging Is Enabled
dbt-mcp is a Model Context Protocol server for interacting with dbt. Prior to 1.17.1, DbtMCP.calltool in src/dbtmcp/mcp/server.py logged the raw arguments dictionary at INFO level before each tool call and at ERROR level on exceptions, and configurefilelogging wrote those records to dbt-mcp.log...
CVE-2026-44969
dbt-mcp: CVE-2026-44969 involves logging of complete tool call arguments (including sql_query, vars, and node_selection) in plaintext when DBT_MCP_SERVER_FILE_LOGGING is enabled. The issue is present in earlier versions (e.g., v1.15.x) and fixed in v1.17.1. Connected sources confirm that argument...
CVE-2026-44969 dbt-mcp: Tool Arguments Including SQL Queries and Credentials Logged in Plaintext Without Redaction When File Logging Is Enabled
dbt-mcp is a Model Context Protocol server for interacting with dbt. Prior to 1.17.1, DbtMCP.calltool in src/dbtmcp/mcp/server.py logged the raw arguments dictionary at INFO level before each tool call and at ERROR level on exceptions, and configurefilelogging wrote those records to dbt-mcp.log...
CVE-2026-44970
CVE-2026-44970 affects dbt-mcp prior to v1.17.1. The DefaultUsageTracker.emit_tool_called_event() serializes every MCP tool call’s arguments (e.g., sql_query from show, vars from run/build/test, node_selection from compile) and transmits them to dbt Labs telemetry without redaction. Telemetry is ...
CVE-2026-44970 dbt-mcp: All MCP Tool Arguments Including Raw SQL and --vars Credentials Transmitted to dbt Labs Telemetry by Default Without Redaction
dbt-mcp is a Model Context Protocol server for interacting with dbt. Prior to 1.17.1, DefaultUsageTracker.emittoolcalledevent in src/dbtmcp/tracking/tracking.py serialized every MCP tool call's complete arguments dictionary and sent it through dbtlabsvortex.producer.logproto without redaction,...
CVE-2026-44970 dbt-mcp: All MCP Tool Arguments Including Raw SQL and --vars Credentials Transmitted to dbt Labs Telemetry by Default Without Redaction
dbt-mcp is a Model Context Protocol server for interacting with dbt. Prior to 1.17.1, DefaultUsageTracker.emittoolcalledevent in src/dbtmcp/tracking/tracking.py serialized every MCP tool call's complete arguments dictionary and sent it through dbtlabsvortex.producer.logproto without redaction,...
CVE-2026-44968
Summary: CVE-2026-44968 affects dbt-mcp (Model Context Protocol server). Prior to v1.17.1, _run_dbt_command() in src/dbt_mcp/dbt_cli/tools.py appended user-supplied MCP parameters to the dbt subprocess argv without validation. This enables argument-list injection via two vectors: (1) node_selecti...
CVE-2026-44968 dbt-mcp: Argument Injection in dbt CLI Tool Wrappers via node_selection and resource_type Parameters
dbt-mcp is a Model Context Protocol server for interacting with dbt. Prior to 1.17.1, rundbtcommand in src/dbtmcp/dbtcli/tools.py appended unsanitized nodeselection and resourcetype values to the dbt subprocess argument list, allowing an MCP client to inject dbt global flags such as --profiles-di...
CVE-2026-44968 dbt-mcp: Argument Injection in dbt CLI Tool Wrappers via node_selection and resource_type Parameters
dbt-mcp is a Model Context Protocol server for interacting with dbt. Prior to 1.17.1, rundbtcommand in src/dbtmcp/dbtcli/tools.py appended unsanitized nodeselection and resourcetype values to the dbt subprocess argument list, allowing an MCP client to inject dbt global flags such as --profiles-di...
Origin Validation Error
Overview dbt-mcp is an A MCP Model Context Protocol server for interacting with dbt resources. Affected versions of this package are vulnerable to Origin Validation Error in the GET /dbtplatformcontext endpoint, which is exposed without authentication or host-origin validation. An attacker can...
Insertion of Sensitive Information Into Sent Data
Overview dbt-mcp is an A MCP Model Context Protocol server for interacting with dbt resources. Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data in the emittoolcalledevent process, which serializes and transmits all tool arguments, including...
GHSA-7XGW-6QF3-7W59 dbt MCP Server Logs Tool Arguments Including SQL Queries and Credentials in Plaintext Without Redaction When File Logging Is Enabled
Discovered through manual source code review. Verified by PoC execution against a local dbt-mcp v1.15.1 installation. Summary DbtMCP.calltool in src/dbtmcp/mcp/server.py logs the complete raw arguments dictionary at INFO level on every tool invocation line 67 and again at ERROR level if the call...
Arbitrary Argument Injection
Overview dbt-mcp is an A MCP Model Context Protocol server for interacting with dbt resources. Affected versions of this package are vulnerable to Arbitrary Argument Injection via the nodeselection or resourcetype parameters in the rundbtcommand process. An attacker can override configuration fil...
dbt MCP Server has an Argument Injection in dbt CLI Tool Wrappers via node_selection and resource_type Parameters
Discovered through manual source code review. Verified by PoC execution against a local dbt-mcp v1.15.1 installation. Summary rundbtcommand in src/dbtmcp/dbtcli/tools.py constructs the dbt subprocess argument list by appending user-supplied MCP tool parameters without sanitization. Two independen...
PT-2026-41149
Name of the Vulnerable Software and Affected Versions dbt-mcp version 1.15.1 Description The DbtMCP.call tool function in src/dbt mcp/mcp/server.py logs the complete raw arguments dictionary at the INFO level for every tool invocation and at the ERROR level if an exception occurs. No fields are...
CVE-2026-44970
creationtimestamp| type| source ---|---|--- 2026-05-13 15:01:46+00:00| published-proof-of-concept| https://github.com/dbt-labs/dbt-mcp/security/advisories/GHSA-jj54-r8gm-2fcf...