A critical vulnerability in Google’s MCP Toolbox for Databases is putting enterprise database systems at serious risk. Tracked as CVE-2026-9739 and carrying a CVSS 4.0 score of 9.4, the flaw enables unauthenticated attackers to launch DNS rebinding attacks against organizations using the Server-Sent Events (SSE) transport mechanism, potentially gaining unauthorized command-level access to connected databases. The vulnerability stems […]
The post MCP Toolbox Vulnerability Exposes Enterprise Database Systems appeared first on Cyber Security News.