Description
Apache Doris MCP Server versions earlier than 0.6.1 are affected by an improper neutralization flaw in query context handling that may allow execution of unintended SQL statements and bypass of intended query validation and access restrictions through the MCP query execution interface. Version 0.6.1 and later are not affected.
Published: 2026-04-20
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: SQL Injection
Action: Immediate Upgrade
AI Analysis

Impact

Apache Doris MCP Server contains an improper neutralization flaw in its query context handling that allows an attacker to inject SQL statements through the MCP query execution interface. The injected commands bypass the intended validation logic and can execute unintended queries, potentially enabling data exfiltration, unauthorized modification, or denial of service. This vulnerability is a classic example of CWE‑89, where failure to properly sanitize user input leads to SQL injection.

Affected Systems

Apache Doris MCP Server, distributed by the Apache Software Foundation, is affected in all releases older than version 0.6.1. Versions 0.6.1 and newer do not contain this flaw. The vulnerability does not specify sub‑components or modules beyond the general MCP query interface, so any deployment of the affected server should be considered at risk.

Risk and Exploitability

The CVE metadata lists a CVSS score of 5.3 and an EPSS score that is not available, indicating a moderate severity vulnerability. The vulnerability is not listed in CISA’s KEV catalog. The likely attack vector is remote over the network via the MCP query endpoint, which is typically accessible to external actors. Because the flaw resides in core query handling and no workaround is publicly documented, exploitation could be straightforward for an attacker with network access to the server. Monitoring for anomalous query activity and limiting exposure until a patch is applied remain prudent measures.

Generated by OpenCVE AI on April 20, 2026 at 16:30 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Apache Doris MCP Server to version 0.6.1 or later to eliminate the SQL injection vulnerability.
  • Block or restrict external access to the MCP query execution interface until a patch is applied.
  • Enforce strict authentication and role-based authorization for all MCP queries and audit logs for suspicious activity.

Generated by OpenCVE AI on April 20, 2026 at 16:30 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 20 Apr 2026 15:45:00 +0000

Type Values Removed Values Added
First Time appeared Apache
Apache doris Mcp Server
Vendors & Products Apache
Apache doris Mcp Server

Mon, 20 Apr 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 20 Apr 2026 14:30:00 +0000

Type Values Removed Values Added
References

Mon, 20 Apr 2026 14:00:00 +0000

Type Values Removed Values Added
Description Apache Doris MCP Server versions earlier than 0.6.1 are affected by an improper neutralization flaw in query context handling that may allow execution of unintended SQL statements and bypass of intended query validation and access restrictions through the MCP query execution interface. Version 0.6.1 and later are not affected.
Title Apache Doris MCP Server: MCP SQL inject
Weaknesses CWE-89
References

Subscriptions

Apache Doris Mcp Server
cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published:

Updated: 2026-04-20T14:17:11.395Z

Reserved: 2025-11-27T03:23:14.613Z

Link: CVE-2025-66335

cve-icon Vulnrichment

Updated: 2026-04-20T13:38:34.416Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-04-20T14:16:16.760

Modified: 2026-04-20T19:05:30.750

Link: CVE-2025-66335

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-20T16:45:11Z

Weaknesses