CVE-2026-11529

Received Received - Intake

SQL Injection in mysql-mcp-server

Publication date: 2026-06-08

Last updated on: 2026-06-08

Assigner: VulDB

Description

A vulnerability was determined in designcomputer mysql-mcp-server up to 0.2.2. The impacted element is the function read_resource of the file src/mysql_mcp_server/server.py of the component mysql URI Handler. This manipulation of the argument uri_str causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. Upgrading to version 0.3.0 is sufficient to resolve this issue. Patch name: 080bef9a96d625ce0dfbde573a08b93497871981. Upgrading the affected component is advised.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2026-06-08

Last Modified

2026-06-08

Generated

2026-06-09

AI Q&A

2026-06-08

EPSS Evaluated

N/A

NVD

CVE-2026-11529

EUVD

EUVD-2026-35108

Affected Vendors & Products

Vendor	Product	Version / Range
designcomputer	mysql-mcp-server	to 0.2.2 (inc)
designcomputer	mysql-mcp-server	0.3.0
designcomputer	mysql_mcp_server	to 0.2.2 (inc)
designcomputer	mysql_mcp_server	0.3.0

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-89	The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
CWE-74	The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

CWE ID

Description

CWE-89

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

CWE-74

The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.

Attack-Flow Graph

Compliance Impact

The vulnerability CVE-2026-11529 is a SQL injection flaw that allows attackers to execute unauthorized SQL commands with the privileges of the MySQL connection, potentially leading to unauthorized data access, data leakage, and manipulation of sensitive information.

Such unauthorized access and data breaches can impact compliance with common standards and regulations like GDPR and HIPAA, which require protection of personal and sensitive data against unauthorized access and breaches.

Specifically, the ability to leak user credentials, extract password hashes, read sensitive tables, and write files to the server could lead to violations of data protection requirements, breach notification obligations, and overall failure to maintain data confidentiality and integrity.

Mitigations such as upgrading to version 0.3.0, implementing strict input validation, using least privilege database users, and employing parameterized queries are critical to restoring compliance and reducing risk.

Executive Summary

CVE-2026-11529 is a SQL injection vulnerability found in the mysql-mcp-server component, specifically in the read_resource function of the mysql URI Handler. The vulnerability arises because the server processes URIs containing table names without properly sanitizing or parameterizing them before including them in SQL queries. This allows an attacker to craft malicious URIs with embedded SQL code that can be executed by the server.

The injection occurs when the table name extracted from the URI is directly interpolated into a SQL query, enabling attackers to execute arbitrary SQL commands remotely without authentication beyond initial server configuration.

Impact Analysis

Exploitation of this vulnerability can lead to unauthorized actions on the database server with the privileges of the configured MySQL connection, which often has high-level access.

Leakage of sensitive data, including user credentials and password hashes.
Enumeration of database structures and tables.
Reading server files if the FILE privilege is enabled.
Writing files to the server, potentially leading to further compromise.
Denial-of-service attacks by consuming resources or dropping tables.

The attack can be triggered remotely by manipulating the URI parameter sent to the MCP server, possibly through prompt injection attacks against AI clients, malicious MCP clients, or man-in-the-middle attacks.

Detection Guidance

The vulnerability involves SQL injection through the URI parameter processed by the read_resource() function in the mysql-mcp-server. Detection can focus on monitoring for suspicious URI patterns that include SQL payloads such as UNION SELECT statements or other SQL injection attempts.

Since the injection occurs via the URI string, network or system detection could involve inspecting logs or traffic for unusual URI requests targeting the mysql-mcp-server, especially those containing SQL keywords or special characters.

Suggested commands to detect potential exploitation attempts include searching server logs for suspicious URI patterns or SQL keywords. For example, on a Linux system, you might use:

grep -iE "union|select|drop|insert|update|delete" /path/to/mysql_mcp_server/logs/*
tcpdump or Wireshark filters to capture traffic containing suspicious URI strings targeting the mysql-mcp-server port.

Additionally, validating the table names against a whitelist or checking for unexpected table names in logs or database queries can help detect exploitation attempts.

Mitigation Strategies

The primary mitigation step is to upgrade the mysql-mcp-server to version 0.3.0 or later, as this version includes fixes that prevent the SQL injection vulnerability.

Additional immediate mitigation measures include:

Validate table names against a whitelist to ensure only expected tables are queried.
Verify table names against the results of SHOW TABLES queries to prevent unauthorized table access.
Use backtick quoting for table names to avoid SQL injection through table name manipulation.
Employ least privilege principles by configuring the MySQL user with SELECT-only permissions to limit the impact of any potential exploitation.
Use parameterized queries for all other query values to prevent injection.

Also, consider monitoring and restricting access to the MCP server to trusted clients and networks to reduce the risk of exploitation.

Hi! I’m here to help you understand CVE-2026-11529. Ask me anything about the vulnerability, its impact, or mitigation strategies.

0/70

CVE-2026-11529

SQL Injection in mysql-mcp-server

Description

CVSS Scores

EPSS Scores

Meta Information

Affected Vendors & Products

Helpful Resources

Exploitability

Attack-Flow Graph

AI Quick Actions

Chat Assistant

EPSS Chart