
This release includes 3 security fixes for security teams reviewing exposed deployments.

Published 3d MCP Data & Storage
✓ No known CVEs patched
This release patches 3 known CVEs

Topics

ai mcp model-context-protocol mysql

Affected surfaces

auth rce_ssrf deps breaking_upgrade crypto_tls

ReleasePort's take

Moderate signal
editorial:auto 3d

The release masks sensitive data in server logs and enforces non‑root Dockerfile execution with secret management best practices.

Why it matters: Masking passwords/SSH keys prevents accidental exposure; running as `appuser` reduces container privilege escalation risk—critical for security hygiene.

Summary

AI summary

Updates [0.3.0] - 2026-05-31, [0.2.1] - 2025-02-15, and [0.3.1] - 2026-05-31 across a mixed release.

Changes in this release

Security High

Masked sensitive information (passwords, SSH keys) in server logs.

Source: llm_adapter@2026-05-31

Confidence: high

Security High

Dockerfile now runs as non-root `appuser` and follows secret management best practices.

Source: llm_adapter@2026-05-31

Confidence: high

Security Medium

Added `ToolAnnotations` to `execute_sql` to flag potentially destructive operations for AI agents.

Source: llm_adapter@2026-05-31

Confidence: high

Feature Medium

Added `MYSQL_SSL_MODE` for encrypted connections.

Source: llm_adapter@2026-05-31

Confidence: high

Feature Medium

Added built‑in support for `MYSQL_SSH_ENABLE` to connect via an SSH jump host.

Source: llm_adapter@2026-05-31

Confidence: high

Feature Medium

Added `__main__.py` to allow running the package directly via `python -m mysql_mcp_server`.

Source: llm_adapter@2026-05-31

Confidence: high

Feature Medium

Added new inspection tools `get_schema_info` and `get_table_sample` for column metadata and data previews.

Source: llm_adapter@2026-05-31

Confidence: high

Feature Low

Added built-in support for `MYSQL_AUTH_PLUGIN`, `MYSQL_USE_PURE`, and `MYSQL_RAISE_ON_WARNINGS` to stabilize connections to older MySQL servers (MySQL 5.7).

Source: granite4.1:30b@2026-05-31-audit

Confidence: low

Feature Low

Made `MYSQL_DATABASE` optional; server lists all databases and supports fully qualified table names or `USE <database>`.

Source: granite4.1:30b@2026-05-31-audit

Confidence: low

Feature Low

Added support for running as an HTTP server via SSE transport by setting `MCP_TRANSPORT=sse`.

Source: granite4.1:30b@2026-05-31-audit

Confidence: low

Dependency Low

Updated minimum `mcp` dependency to `1.2.0` for improved stability and security.

Source: granite4.1:30b@2026-05-31-audit

Confidence: low

Bugfix Medium

Added strict regex validation for all database and table identifiers to mitigate SQL injection risk.

Source: llm_adapter@2026-05-31

Confidence: high

Bugfix Medium

Implemented global exception handling in tool calls to return clear, actionable error messages instead of silent failures.

Source: llm_adapter@2026-05-31

Confidence: high

Bugfix Medium

Refactored all blocking database and SSH operations to use background threads via `anyio.to_thread.run_sync` to prevent server hangs on Windows 11.

Source: llm_adapter@2026-05-31

Confidence: high

Refactor Low

Refactored resource names to be 'identifier-safe' (e.g., `table_users`) for compatibility with Google Gemini models and GitHub Copilot.

Source: granite4.1:30b@2026-05-31-audit

Confidence: low

Refactor Low

Improved result set handling for `DESCRIBE`, `SHOW COLUMNS`, and other inspection queries, including explicit `NULL` value rendering.

Source: granite4.1:30b@2026-05-31-audit

Confidence: low

Full changelog

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog,
and this project adheres to Semantic Versioning.

[0.3.1] - 2026-05-31

Fixed

  • Strict LLM Compatibility: Refactored resource names to be 'identifier-safe' (e.g., table_users instead of Table: users) to ensure compatibility with Google Gemini models and GitHub Copilot (Issue #39).
  • MySQL 5.7 Stability: Added built-in support for MYSQL_AUTH_PLUGIN, MYSQL_USE_PURE, and MYSQL_RAISE_ON_WARNINGS to stabilize connections to older MySQL servers (Issue #31).

Added

  • Standalone Execution: Added __main__.py to allow running the package directly via python -m mysql_mcp_server (Issue #12).

[0.3.0] - 2026-05-31

Fixed

  • Asynchronous Reliability: Refactored all blocking database and SSH operations to use background threads via anyio.to_thread.run_sync. This prevents the server from hanging in environments like Windows 11 (Issue #54).
  • Graceful Error Reporting: Implemented global exception handling in tool calls to return clear, actionable error messages to AI agents and users instead of silent failures (Issue #50).
  • Metadata Formatting: Improved result set handling for DESCRIBE, SHOW COLUMNS, and other inspection queries, including explicit NULL value rendering (PR #38).
  • SQL Injection Risk: Added strict regex validation for all database and table identifiers (PR #86).

Added

  • Multi-Database Mode: MYSQL_DATABASE is now optional. When omitted, the server lists all available databases and supports USE <database> or fully qualified table names (PR #86, Issue #68, #81).
  • SSH Tunneling: Built-in support for secure remote database connections via an SSH jump host using MYSQL_SSH_ENABLE (PR #64, contributed by @GeorgeLeex).
  • New Inspection Tools:
    • get_schema_info: Detailed column metadata, types, and comments.
    • get_table_sample: Quick data previews to understand table content (PR #64, contributed by @GeorgeLeex).
  • SSE/HTTP Transport: Support for running as an HTTP server by setting MCP_TRANSPORT=sse (PR #86).
  • SSL/TLS Support: Added MYSQL_SSL_MODE for encrypted connections.
  • Environment Management: Added .env support and .env.example file (PR #69).

Security

  • Added ToolAnnotations to execute_sql to flag potentially destructive operations to AI agents (PR #78).
  • Dockerfile now runs as a non-root appuser and follows best practices for secret management.
  • Masked sensitive information (passwords, SSH keys) in server logs.

Changed

  • Refactored server initialization into distinct STDIO and SSE transport handlers.
  • Updated minimum mcp dependency to 1.2.0 for improved stability and security.

[0.2.2] - 2025-04-18

Fixed

  • Fixed handling of SQL commands that return result sets, including SHOW INDEX, SHOW CREATE TABLE, and DESCRIBE
  • Added improved error handling for result fetching operations
  • Added additional debug output to aid in troubleshooting

[0.2.1] - 2025-02-15

Added

  • Support for MYSQL_PORT configuration through environment variables
  • Documentation for PORT configuration in README

Changed

  • Updated tests to use handler functions directly
  • Refactored database configuration to runtime

[0.2.0] - 2025-01-20

Added

  • Initial release with MCP server implementation
  • Support for SQL queries through MCP interface
  • Ability to list tables and read data

Breaking Changes

  • Minimum `mcp` dependency bumped to version 1.2.0.

Security Fixes

  • Added strict regex validation for all database and table identifiers to mitigate SQL injection risks (PR #86).
  • Masked sensitive information such as passwords and SSH keys in server logs.
  • ToolAnnotations now flag potentially destructive `execute_sql` operations to AI agents.
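As an added illustration of two of the security items above (strict identifier validation and masking of passwords and SSH keys in logs), here is example code that is not part of mysql_mcp_server; the identifier regex, the masking patterns and the helper names are assumptions made for this example, not the project's actual rules.

```python
import logging
import re

# Assumed identifier policy (not the project's own regex): accept only the
# characters MySQL allows in an unquoted identifier, at most 64 of them, so that
# a database or table name can never smuggle quotes, spaces or statement separators.
_IDENT_RE = re.compile(r"^[0-9A-Za-z_$]{1,64}$")


def validate_identifier(name: str) -> str:
    """Return name unchanged if it is a safe identifier, otherwise raise ValueError."""
    if not isinstance(name, str) or not _IDENT_RE.fullmatch(name):
        raise ValueError(f"invalid identifier: {name!r}")
    return name


def qualified_table(database: str, table: str) -> str:
    """Build a backtick-quoted `db`.`table` reference from validated parts."""
    return f"`{validate_identifier(database)}`.`{validate_identifier(table)}`"


# Assumed masking rules (constructed for this example): hide the value after a
# password key in key=value or JSON-style text, and hide any PEM private key block.
_PASSWORD_RE = re.compile(r"(?i)(password['\"]?\s*[:=]\s*['\"]?)([^'\",\s]+)")
_PEM_KEY_RE = re.compile(
    r"-----BEGIN [A-Z ]*PRIVATE KEY-----.*?-----END [A-Z ]*PRIVATE KEY-----", re.DOTALL
)


def mask_secrets(text: str) -> str:
    """Replace password values and private key blocks with fixed placeholders."""
    text = _PASSWORD_RE.sub(r"\1***", text)
    return _PEM_KEY_RE.sub("[REDACTED PRIVATE KEY]", text)


class MaskingFilter(logging.Filter):
    """logging.Filter that masks the fully formatted message before it is emitted."""

    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = mask_secrets(record.getMessage())
        record.args = ()  # already interpolated above; avoid a second % formatting
        return True


def masked_log_message(msg: str, *args) -> str:
    """Run a constructed log record through MaskingFilter and return the result."""
    record = logging.LogRecord("mysql_mcp", logging.INFO, __file__, 0, msg, args, None)
    MaskingFilter().filter(record)
    return record.getMessage()
```

Attach `MaskingFilter` to the server's logger with `logger.addFilter(MaskingFilter())` so every handler sees only the masked text.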


About designcomputer/mysql_mcp_server

MySQL database integration with configurable access controls, schema inspection, and comprehensive security guidelines
