Arbitrary Argument Injection Affecting dbt-mcp package, versions [,1.17.1)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk IDSNYK-PYTHON-DBTMCP-16734222
- published18 May 2026
- disclosed14 May 2026
- credithewei-gikaku
Introduced: 14 May 2026
NewCVE-2026-44968 (opens in a new tab)How to fix?
Upgrade dbt-mcp to version 1.17.1 or higher.
Overview
dbt-mcp is an A MCP (Model Context Protocol) server for interacting with dbt resources.
Affected versions of this package are vulnerable to Arbitrary Argument Injection via the node_selection or resource_type parameters in the _run_dbt_command process. An attacker can override configuration files and redirect execution by injecting arbitrary command-line flags, such as --profiles-dir, which may cause the application to load attacker-controlled configuration and perform unintended actions. This is only exploitable if the attacker can supply crafted tool arguments and has a configuration file accessible at the injected path on the host running the application.