The original blog post: [0]
This is yet another very serious issue involving the flawed nature of MCPs, and this one was posted over 4 times here.
To mention a couple of other issues such as Heroku's MCP server getting exploited [1] which no-one cared about and then GitHub's MCP server as well and a while ago, Anthropic's MCP inspector [2] had a RCE vulnerabilty with a CVE severity of 9.4!
There is no reason for an LLM or agent to directly access your DB via whatever protocol like' MCP' without the correct security procedures if you can easily leak your entire DB with attacks like this.
[0] https://www.generalanalysis.com/blog/supabase-mcp-blog
[1] https://www.tramlines.io/blog/heroku-mcp-exploit
[2] https://www.oligo.security/blog/critical-rce-vulnerability-i...
replies(2):