CVE-2026-5322: SQL Injection in AlejandroArciniegas mcp-data-vis
A vulnerability has been found in AlejandroArciniegas mcp-data-vis bc597e391f184d2187062fd567599a3cb72adf51/de5a51525a69822290eaee569a1ab447b490746d. It affects the function Request in the file src/servers/database/server.js of the component MCP Handler. Manipulation of the input leads to SQL injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. The vendor was contacted early about this disclosure but did not respond in any way.
AI Analysis
Technical Summary
CVE-2026-5322 is an SQL injection vulnerability identified in the mcp-data-vis project maintained by AlejandroArciniegas. The vulnerability resides in the Request function of the MCP Handler component, specifically in the src/servers/database/server.js file. Due to improper sanitization or validation of input parameters used in SQL queries, an attacker can craft malicious input that alters the intended SQL commands executed by the database. This can lead to unauthorized data access, modification, or deletion. The vulnerability is remotely exploitable without requiring authentication or user interaction, increasing its risk profile. The product follows a rolling release model, which means updates are continuously delivered without fixed version numbers, complicating patch management. The vendor was notified early but did not respond, and public exploit details have been disclosed, raising the urgency for users to implement mitigations. The CVSS 4.0 base score is 6.9, reflecting medium severity, with network attack vector, low complexity, no privileges or user interaction needed, and partial impacts on confidentiality, integrity, and availability.
Potential Impact
The SQL injection vulnerability allows attackers to execute arbitrary SQL commands on the backend database, potentially leading to unauthorized data disclosure, data manipulation, or deletion. This can compromise the confidentiality and integrity of sensitive information stored within the database. Additionally, attackers may disrupt service availability by corrupting or deleting critical data. Since exploitation requires no authentication or user interaction and can be performed remotely, the attack surface is broad. Organizations relying on mcp-data-vis for data visualization or analytics could face data breaches, loss of trust, regulatory penalties, and operational disruptions. The continuous update model without clear versioning may delay patch deployment, increasing exposure time. The lack of vendor response further exacerbates risk, as no official patches or guidance have been provided. While no active exploitation is currently known, the public availability of exploit details increases the likelihood of future attacks.
Mitigation Recommendations
Organizations should immediately audit their use of mcp-data-vis to identify affected deployments. Given the absence of official patches, users should implement input validation and sanitization at the application or database query layer to prevent injection of malicious SQL code. Employ parameterized queries or prepared statements if modifying source code is feasible. Network-level protections such as web application firewalls (WAFs) can be configured to detect and block SQL injection patterns targeting the vulnerable endpoints. Monitoring and logging database queries for anomalous activity can help detect exploitation attempts early. Restrict database user privileges to the minimum necessary to limit potential damage from successful injection. If possible, isolate the mcp-data-vis service in a segmented network zone to reduce exposure. Stay alert for vendor updates or community patches and apply them promptly once available. Engage in threat intelligence sharing to track emerging exploit activity related to this vulnerability.
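The parameterized-query and input-validation advice above, sketched as an added example (not code from mcp-data-vis or its author): a query builder for a hypothetical MCP database tool that binds every value as a parameter and accepts table and column names only from an allow-list, since identifiers cannot be bound. The `SCHEMA` contents, the argument shape and the PostgreSQL-style `$n` placeholders (the `{ text, values }` form node-postgres accepts) are assumptions.

```javascript
// Added example, not mcp-data-vis code. SCHEMA and the argument shape
// ({ table, columns, filters, limit }) are hypothetical.
const SCHEMA = {
  sales: ["id", "region", "amount", "sold_at"],
  customers: ["id", "name", "country"],
};
const OPERATORS = new Set(["=", "<>", "<", ">", "<=", ">="]);
const MAX_LIMIT = 1000;

// Identifiers cannot be bound as parameters, so they are only ever taken
// from the allow-list above and then double-quoted.
const quoteIdent = (name) => `"${name}"`;

function buildSelect(args) {
  const { table, columns = [], filters = [], limit = 100 } = args || {};
  if (typeof table !== "string" ||
      !Object.prototype.hasOwnProperty.call(SCHEMA, table)) {
    throw new Error("table not allowed");
  }
  if (!Array.isArray(columns) || !Array.isArray(filters)) {
    throw new Error("columns and filters must be arrays");
  }
  const allowed = SCHEMA[table];
  const column = (c) => {
    if (typeof c !== "string" || !allowed.includes(c)) {
      throw new Error("column not allowed");
    }
    return quoteIdent(c);
  };
  const cols = (columns.length ? columns : allowed).map(column).join(", ");

  const values = []; // every caller-supplied value travels here, never in text
  const where = filters.map((f) => {
    if (!f || !OPERATORS.has(f.op)) throw new Error("operator not allowed");
    if (!["string", "number", "boolean"].includes(typeof f.value)) {
      throw new Error("filter value must be a scalar");
    }
    values.push(f.value);
    return `${column(f.column)} ${f.op} $${values.length}`;
  });
  if (!Number.isInteger(limit) || limit < 1 || limit > MAX_LIMIT) {
    throw new Error("limit out of range");
  }
  values.push(limit);

  let text = `SELECT ${cols} FROM ${quoteIdent(table)}`;
  if (where.length) text += ` WHERE ${where.join(" AND ")}`;
  return { text: `${text} LIMIT $${values.length}`, values };
}
```

The returned object is passed to the database driver as-is; the SQL text contains only allow-listed identifiers, fixed operators and placeholders, whatever the caller sent.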
Affected Countries
United States, Germany, United Kingdom, Canada, Australia, Netherlands, France, India, Brazil, Japan
Technical Details
- Data Version: 5.2
- Assigner Short Name: VulDB
- Date Reserved: 2026-04-01T13:03:33.607Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 69ce044ee6bfc5ba1dac2508
Added to database: 4/2/2026, 5:53:18 AM
Last enriched: 4/2/2026, 6:08:33 AM
Last updated: 4/2/2026, 2:55:55 PM