pkg:PyPI/dbt-mcp
3 total CVEsMEDIUM1LOW2
✅ Check your installed version
All known vulnerabilities
MEDIUM6.3CVE-2026-44968dbt MCP Server has an Argument Injection in dbt CLI Tool Wrappers via node_selection and resource_type Parameters from 0, < 1.17.1
LOW3.1CVE-2026-44970dbt MCP Server Transmits All MCP Tool Arguments Including Raw SQL and --vars Credentials to dbt Labs Telemetry by Default Without Redaction from 0, < 1.17.1
LOW2.5CVE-2026-44969dbt MCP Server Logs Tool Arguments Including SQL Queries and Credentials in Plaintext Without Redaction When File Logging Is Enabled from 0, < 1.17.1