Vulnerability  ·  2026-07-07

Amazon mcp-gateway-registry — SQL Injection in Metrics-Service Retention Policy Management

VulnerabilityHigh impactGlobalCVE-2026-14471
The metrics-service component of AWS's MCP Gateway Registry builds SQL statements by interpolating a user-supplied table_name parameter without parameterization, allowing an authenticated attacker to inject arbitrary SQL.
MCP gateway/registry services sit at the control plane for enterprise agentic-AI tool discovery and routing; a SQL injection here could let an authenticated low-privilege user read or corrupt registry metadata governing which MCP tools agents are permitted to call, an attack that undermines the trust boundary for the whole agent-tooling fleet.
Improper neutralization of special elements in the metrics-service retention policy management component allows an authenticated remote user to execute arbitrary SQL queries via a crafted table_name value that is interpolated directly into SQL statements.
Amazon mcp-gateway-registry, versions before 1.0.13
Upgrade to mcp-gateway-registry >= 1.0.13 per AWS security bulletin 2026-052-aws.
NVD CVE-2026-14471AWS Security Bulletin 2026-052
See this in the live feed Explore related AI security and governance findings — updated every morning.
Open the feed →