Vendor

Dubydu

1 brief RSS

dubydu sqlite-mcp SQL Injection Vulnerability (CVE-2026-7206)

A SQL injection vulnerability exists in dubydu sqlite-mcp version 0.1.0 and earlier within the extract_to_json function allowing remote exploitation through manipulation of the output_filename argument.

exploited sqlite-mcp sql-injection cve-2026-7206 web-application

2r 1c 6d ago