Summary
dbt MCP Server: Unauthenticated OAuth Context Endpoint Leaks dbt Platform Tokens
References
Related vulnerabilities
All Supply chain →- HIGHGHSA-JXCW-QP4H-6JFQ
PraisonAI A2U incomplete authentication fix leaves current serve command unauthenticated by default
- CRITICALGHSA-892R-P3JQ-JP24
PraisonAI: AgentOS remains unauthenticated after incomplete fix version and allows remote agent invocation
- CRITICALGHSA-X223-P2GF-V735
Langflow: Unauthenticated file upload leads to DoS (space exhaustion) and information leak
- HIGHGHSA-869J-R97X-HX2G
Anki's local HTTP server does not sufficiently validate requests
- MEDIUMGHSA-H4H3-3RFJ-X6FQ
SurrealDB: Indexed ORDER BY leaks the value ordering of a SELECT-restricted field
- HIGHGHSA-F4XH-W4CJ-QXQ8
LangSmith SDK TracingMiddleware: Arbitrary server-side file read