GHSA-QHFQ-GVVC-5Q6Q Apache Doris MCP Server vulnerable to SQL Injection via improper query context neutralization

Apache Doris MCP Server versions prior to 0.6.1 are affected by an improper neutralization flaw in query context handling that may allow execution of unintended SQL statements and bypass of intended query validation and access restrictions through the MCP query execution interface. Versions 0.6.1...

CVE-2025-66335

Apache Doris MCP Server versions earlier than 0.6.1 are affected by an improper neutralization flaw in query context handling that may allow execution of unintended SQL statements and bypass of intended query validation and access restrictions through the MCP query execution interface. Version...

CVE-2025-66335 Apache Doris MCP Server: MCP SQL inject

Apache Doris MCP Server versions earlier than 0.6.1 are affected by an improper neutralization flaw in query context handling that may allow execution of unintended SQL statements and bypass of intended query validation and access restrictions through the MCP query execution interface. Version...

EUVD-2025-24413

Malicious code in bioql PyPI...

CVE-2025-24302

Uncontrolled recursion for some TinyCBOR libraries maintained by IntelR before version 0.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access...

PT-2017-10399 · Unknown +2 · Game-Music-Emu +2

Name of the Vulnerable Software and Affected Versions: game-music-emu versions prior to 0.6.1 Description: The issue is related to the mishandling of unspecified integer values. Recommendations: For versions prior to 0.6.1, update to version 0.6.1 or later to resolve the issue...