Launch Week Day 1: Announcing Security Design Review
Start for Free
pypi

dbt-mcp

View on pypi registry
3 Total advisories
3 Vulnerabilities
0 Malware

Vulnerabilities

LOW 3.1
PyPI

CVE-2026-44970

dbt MCP Server Transmits All MCP Tool Arguments Including Raw SQL and --vars Credentials to dbt Labs Telemetry by Default Without Redaction
MEDIUM 6.3
PyPI

CVE-2026-44968

dbt MCP Server has an Argument Injection in dbt CLI Tool Wrappers via node_selection and resource_type Parameters
LOW 2.5
PyPI

CVE-2026-44969

dbt MCP Server Logs Tool Arguments Including SQL Queries and Credentials in Plaintext Without Redaction When File Logging Is Enabled

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes