PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-44970 dbt-labs CVE debrief

The dbt-mcp server, a Model Context Protocol server for interacting with dbt, has a vulnerability in its usage tracking feature. Prior to version 1.17.1, the DefaultUsageTracker.emit_tool_called_event() function in src/dbt_mcp/tracking/tracking.py was sending sensitive information, including sql_query, vars, and node_selection, without proper redaction when usage_tracking_enabled was set to True in settings.py. This issue allowed for potential exposure of sensitive data through telemetry. The vulnerability has a CVSS score of 3.1 and a severity of LOW. Users of dbt-mcp version prior to 1.17.1 who have usage tracking enabled should review their configurations and consider updating to mitigate potential telemetry exposure.

Vendor
dbt-labs
Product
dbt-mcp
CVSS
LOW 3.1
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-16
Original CVE updated
2026-07-16
Advisory published
2026-07-16
Advisory updated
2026-07-16

Who should care

Users of dbt-mcp version prior to 1.17.1 who have usage tracking enabled should review their configurations and consider updating to mitigate potential telemetry exposure. This includes operators, platform administrators, vulnerability management teams, and security teams who may be impacted by the exposure of sensitive data through telemetry.

Technical summary

The dbt-mcp server's DefaultUsageTracker.emit_tool_called_event() function in src/dbt_mcp/tracking/tracking.py was sending sensitive information, including sql_query, vars, and node_selection, without proper redaction when usage_tracking_enabled was set to True in settings.py. This issue allowed for potential exposure of sensitive data through telemetry. The vulnerability is characterized by a CVSS score of 3.1 and a severity of LOW. The fix is included in version 1.17.1.

Defensive priority

Apply the patch from version 1.17.1 to prevent sensitive data exposure through telemetry. Review and adjust usage tracking configurations to ensure alignment with privacy policies.

Recommended defensive actions

  • Apply the patch from version 1.17.1 to prevent sensitive data exposure through telemetry.
  • Review and adjust usage tracking configurations to ensure alignment with privacy policies.
  • Verify that DBT_SEND_ANONYMOUS_USAGE_STATS=false or DO_NOT_TRACK=1 is set if usage tracking is not desired.
  • Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up.
  • Review compensating controls for exposed systems while remediation is scheduled and verified.
  • Check relevant monitoring, detection, and logs for exposed assets that need extra review.
  • Track exceptions, retest remediated assets, and close the item only after evidence is documented.

Evidence notes

The CVE record and NVD entry provide details on the vulnerability. The dbt-mcp server's usage tracking feature, when enabled, sent sensitive information without redaction. The fix is included in version 1.17.1. Evidence limits and source-confidence limits should be considered when evaluating the vulnerability.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-16T18:16:43.377Z and has not been modified since then.