PatchSiren cyber security CVE debrief
CVE-2026-44970 dbt-labs CVE debrief
The dbt-mcp server, a Model Context Protocol server for interacting with dbt, has a vulnerability in its usage tracking feature. Prior to version 1.17.1, the DefaultUsageTracker.emit_tool_called_event() function in src/dbt_mcp/tracking/tracking.py was sending sensitive information, including sql_query, vars, and node_selection, without proper redaction when usage_tracking_enabled was set to True in settings.py. This issue allowed for potential exposure of sensitive data through telemetry. The vulnerability has a CVSS score of 3.1 and a severity of LOW. Users of dbt-mcp version prior to 1.17.1 who have usage tracking enabled should review their configurations and consider updating to mitigate potential telemetry exposure.
- Vendor
- dbt-labs
- Product
- dbt-mcp
- CVSS
- LOW 3.1
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-16
- Original CVE updated
- 2026-07-16
- Advisory published
- 2026-07-16
- Advisory updated
- 2026-07-16
Who should care
Users of dbt-mcp version prior to 1.17.1 who have usage tracking enabled should review their configurations and consider updating to mitigate potential telemetry exposure. This includes operators, platform administrators, vulnerability management teams, and security teams who may be impacted by the exposure of sensitive data through telemetry.
Technical summary
The dbt-mcp server's DefaultUsageTracker.emit_tool_called_event() function in src/dbt_mcp/tracking/tracking.py was sending sensitive information, including sql_query, vars, and node_selection, without proper redaction when usage_tracking_enabled was set to True in settings.py. This issue allowed for potential exposure of sensitive data through telemetry. The vulnerability is characterized by a CVSS score of 3.1 and a severity of LOW. The fix is included in version 1.17.1.
Defensive priority
Apply the patch from version 1.17.1 to prevent sensitive data exposure through telemetry. Review and adjust usage tracking configurations to ensure alignment with privacy policies.
Recommended defensive actions
- Apply the patch from version 1.17.1 to prevent sensitive data exposure through telemetry.
- Review and adjust usage tracking configurations to ensure alignment with privacy policies.
- Verify that DBT_SEND_ANONYMOUS_USAGE_STATS=false or DO_NOT_TRACK=1 is set if usage tracking is not desired.
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up.
- Review compensating controls for exposed systems while remediation is scheduled and verified.
- Check relevant monitoring, detection, and logs for exposed assets that need extra review.
- Track exceptions, retest remediated assets, and close the item only after evidence is documented.
Evidence notes
The CVE record and NVD entry provide details on the vulnerability. The dbt-mcp server's usage tracking feature, when enabled, sent sensitive information without redaction. The fix is included in version 1.17.1. Evidence limits and source-confidence limits should be considered when evaluating the vulnerability.
Official resources
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-16T18:16:43.377Z and has not been modified since then.