CVE-2026-11529 | designcomputer mysql-mcp-server up to 0.2.2 mysql URI server.py read_resource uri_str sql injection (Issue 89)

A vulnerability was found in designcomputer mysql-mcp-server up to 0.2.2. It has been rated as critical. The impacted element is the function read_resource of the file src/mysql_mcp_server/server.py of the component mysql URI Handler. This manipulation of the argument uri_str causes sql injection.

This vulnerability is registered as CVE-2026-11529. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

Upgrading the affected component is advised.VulDB Recent EntriesRead More