An issue was discovered in MariaDB MCP 0.1.0 allowing attackers to gain sensitive information via the SSE service as the SSE service lacks user validation.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Mariadb |
|
No data.
References
History
Wed, 17 Sep 2025 20:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Mariadb model Context Protocol
|
|
| CPEs | cpe:2.3:a:mariadb:model_context_protocol:0.1.0:*:*:*:*:*:*:* | |
| Vendors & Products |
Mariadb model Context Protocol
|
Fri, 12 Sep 2025 09:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Mariadb
Mariadb mariadb Mariadb mcp |
|
| Vendors & Products |
Mariadb
Mariadb mariadb Mariadb mcp |
Wed, 10 Sep 2025 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-20 | |
| Metrics |
cvssV3_1
|
Wed, 10 Sep 2025 14:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | An issue was discovered in MariaDB MCP 0.1.0 allowing attackers to gain sensitive information via the SSE service as the SSE service lacks user validation. | |
| References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2025-09-10T00:00:00.000Z
Updated: 2025-09-10T14:27:22.843Z
Reserved: 2025-08-16T00:00:00.000Z
Link: CVE-2025-56404
Vulnrichment
Updated: 2025-09-10T14:23:47.551Z
NVD
Status : Analyzed
Published: 2025-09-10T14:15:39.237
Modified: 2025-09-17T20:32:54.887
Link: CVE-2025-56404
Redhat
No data.