Anthropic has declined to address a SQL injection vulnerability in its SQLite Model Context Protocol (MCP) server, which a security researcher claims could allow attackers to hijack AI support bots and extract sensitive customer data. The SQLite MCP server, designed for interaction with databases, contains a flaw that enables prompt injection attacks, posing a threat to numerous AI agents. Despite the flaw being disclosed, Anthropic has categorized the vulnerability as "out of scope" for repair since the code repository had been archived, leaving thousands of copies vulnerable forever.
Anthropic's decision to leave the SQL injection vulnerability unpatched perpetuates a significant security threat to AI agents that depend on their SQLite Model Context Protocol.
The SQL injection flaw discovered in Anthropic's SQLite MCP server opens doors for attackers to hijack support bots and manipulate AI agents into leaking sensitive data.
Despite the risk of exploitation, Anthropic views the vulnerability as "out of scope" for fixing due to the repository being archived prior to the disclosure.
With over 5,000 copies of the vulnerable server, the potential threat to AI agents using the SQLite MCP server remains a pressing concern for security.
Collection
[
|
...
]