PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-11719 Google CVE debrief

CVE-2026-11719 is a high-severity vulnerability in MCP Toolbox for Databases that allows authenticated users to bypass authorization restrictions. The vulnerability exists because older protocol versions (2025-06-18, 2025-03-26, and 2024-11-05) do not enforce scope checks, unlike the 2025-11-25 protocol version. An attacker with a low-privilege token can exploit this by specifying an older protocol version or omitting the protocol version header, allowing them to execute high-privilege tools.

Vendor
Google
Product
MCP Toolbox for Databases (googleapis/mcp-toolbox)
CVSS
HIGH 8.6
CISA KEV
Not listed in stored evidence
Original CVE published
2026-06-18
Original CVE updated
2026-06-22
Advisory published
2026-06-18
Advisory updated
2026-06-22

Who should care

Administrators and users of MCP Toolbox for Databases should be aware of this vulnerability and take immediate action to protect their systems. Any deployment that issues low-privilege tokens is affected: until it is patched, holders of such tokens can reach high-privilege tools, so operators should treat every token as potentially able to do so.

Technical summary

The vulnerability is caused by missing scope enforcement in older protocol handlers of MCP Toolbox for Databases. Specifically, protocol versions 2025-06-18, 2025-03-26, and 2024-11-05 do not check scope restrictions defined by scopesRequired. This allows an authenticated client with a low-privilege token to bypass intended restrictions and execute high-privilege tools by specifying an older protocol version in the MCP-Protocol-Version header or omitting the header entirely.

Defensive priority

High

Recommended defensive actions

  • Update MCP Toolbox for Databases to the latest version that enforces scope checks across all protocol versions.
  • Restrict access to sensitive tools and features to only those who need it.
  • Implement additional monitoring and logging to detect potential exploitation attempts.
  • Consider disabling older protocol versions if not required.
  • Enforce strict scope restrictions for all users and tools.
  • Regularly review and update access controls and permissions.
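The technical summary above describes a scope check that lives inside the 2025-11-25 protocol handler and is skipped whenever the client presents a legacy version or no MCP-Protocol-Version header at all; the monitoring action in the list asks for a way to spot that pattern. The following Go program is an added illustration written for this debrief, not code from the googleapis/mcp-toolbox project: it models the flawed and the corrected authorization decision side by side, and runs a simple detection rule over constructed log lines. The ToolPolicy type, the ToolCall struct, the tool names and the key=value log format are all assumptions; the protocol version strings are the ones named in the CVE record.

```go
package main

import (
	"fmt"
	"strings"
)

// enforcingVersion is the handler that checks scopes; the three legacy
// versions are the ones the CVE record says skip the check.
const enforcingVersion = "2025-11-25"

var legacyVersions = map[string]bool{
	"2025-06-18": true, "2025-03-26": true, "2024-11-05": true,
}

// ToolPolicy maps a tool name to the scopes a caller must hold. It stands in
// for the page's scopesRequired setting; the shape is assumed, not the project's.
type ToolPolicy map[string][]string

// ToolCall is a simplified, assumed view of one tool invocation.
type ToolCall struct {
	ProtocolVersion string   // MCP-Protocol-Version header value; "" when omitted
	TokenScopes     []string // scopes carried by the caller's token
	Tool            string
}

// hasAllScopes reports whether every required scope is present in the token.
func hasAllScopes(have, need []string) bool {
	set := make(map[string]bool, len(have))
	for _, s := range have {
		set[s] = true
	}
	for _, n := range need {
		if !set[n] {
			return false
		}
	}
	return true
}

// vulnerableAuthorize models the flaw: scopes are only checked inside the
// 2025-11-25 handler, so a legacy or omitted version bypasses the check.
func vulnerableAuthorize(policy ToolPolicy, c ToolCall) bool {
	if c.ProtocolVersion != enforcingVersion {
		return true // legacy handlers never consult scopesRequired
	}
	return hasAllScopes(c.TokenScopes, policy[c.Tool])
}

// fixedAuthorize runs the scope check before any version-specific dispatch,
// so the header value cannot influence the decision; unknown tools fail closed.
func fixedAuthorize(policy ToolPolicy, c ToolCall) bool {
	need, known := policy[c.Tool]
	if !known {
		return false
	}
	return hasAllScopes(c.TokenScopes, need)
}

// isDowngradeSuspect is a detection rule for existing logs: a call to a
// scope-protected tool over a legacy or missing protocol version is the
// trace a bypass attempt leaves behind.
func isDowngradeSuspect(policy ToolPolicy, c ToolCall) bool {
	if len(policy[c.Tool]) == 0 {
		return false
	}
	return c.ProtocolVersion == "" || legacyVersions[c.ProtocolVersion]
}

// parseLogLine reads the constructed "key=value" format of sampleLogLines;
// real Toolbox logs differ and need their own parser.
func parseLogLine(line string) ToolCall {
	var c ToolCall
	for _, field := range strings.Fields(line) {
		kv := strings.SplitN(field, "=", 2)
		if len(kv) != 2 {
			continue
		}
		switch kv[0] {
		case "version":
			c.ProtocolVersion = kv[1]
		case "scopes":
			if kv[1] != "" {
				c.TokenScopes = strings.Split(kv[1], ",")
			}
		case "tool":
			c.Tool = kv[1]
		}
	}
	return c
}

// scanLogs returns the lines matching the downgrade pattern.
func scanLogs(policy ToolPolicy, lines []string) []string {
	var hits []string
	for _, l := range lines {
		if isDowngradeSuspect(policy, parseLogLine(l)) {
			hits = append(hits, l)
		}
	}
	return hits
}

// Constructed policy and log lines (tool names are made up for the example).
var samplePolicy = ToolPolicy{"admin_query": {"admin"}, "read_rows": {"read"}}

var sampleLogLines = []string{
	"version=2025-11-25 scopes=read,admin tool=admin_query", // legitimate
	"version=2025-03-26 scopes=read tool=admin_query",       // legacy version, scoped tool
	"version= scopes=read tool=admin_query",                 // header omitted, scoped tool
	"version=2024-11-05 scopes=read tool=list_tables",       // legacy, but tool has no policy
}

func main() {
	low := ToolCall{ProtocolVersion: "2025-03-26", TokenScopes: []string{"read"}, Tool: "admin_query"}
	fmt.Println("vulnerable allows:", vulnerableAuthorize(samplePolicy, low))
	fmt.Println("fixed allows:", fixedAuthorize(samplePolicy, low))
	fmt.Println("suspicious lines:", scanLogs(samplePolicy, sampleLogLines))
}
```

The design point is where the check sits: in the fixed path the scope decision is made once, before the request is routed to a version-specific handler, so adding or removing protocol versions later cannot reopen the gap. The detection rule is deliberately narrow (legacy or absent version plus a scope-protected tool) so it can be run over historical logs for the window between disclosure and patching without flooding on ordinary legacy-client traffic to unprotected tools.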

Evidence notes

The information provided is based on the CVE record and NVD details. The vulnerability was published on June 18, 2026, and there have been no modifications since then. The CVE record and NVD details provide a comprehensive overview of the vulnerability.

Official resources

CVE-2026-11719 was published on June 18, 2026.