Bug Hunter Exposes Three Serious MCP Database Flaws — One Vendor Refuses to Patch
Three critical security vulnerabilities in MCP database integrations have been publicly disclosed — and the fact that one vendor has refused to issue a patch makes this an active, ongoing risk for anyone running AI agents with database access. The findings, reported by The Register, come from a security researcher who spent several weeks systematically examining how popular database MCP connectors handle authentication, authorization, and input sanitization. What they found should prompt an immediate audit for any team using AI agents with database integrations. ...