{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-31841", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-09T17:41:56.078Z", "datePublished": "2026-03-12T17:03:32.818Z", "dateUpdated": "2026-03-12T17:50:15.398Z"}, "containers": {"cna": {"title": "Raw exposure of database statements in Hyperterse MCP search tool", "problemTypes": [{"descriptions": [{"cweId": "CWE-433", "lang": "en", "description": "CWE-433: Unparsed Raw Web Content Delivery", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/hyperterse/hyperterse/security/advisories/GHSA-92gp-jfgx-9qpv", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/hyperterse/hyperterse/security/advisories/GHSA-92gp-jfgx-9qpv"}, {"name": "https://github.com/hyperterse/hyperterse/releases/tag/v2.2.0", "tags": ["x_refsource_MISC"], "url": "https://github.com/hyperterse/hyperterse/releases/tag/v2.2.0"}], "affected": [{"vendor": "hyperterse", "product": "hyperterse", "versions": [{"version": ">= 2.0.0, < 2.2.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-12T17:03:32.818Z"}, "descriptions": [{"lang": "en", "value": "Hyperterse is a tool-first MCP framework for building AI-ready backend surfaces from declarative config. Prior to v2.2.0, the search tool allows LLMs to search for tools using natural language. While returning results, Hyperterse also returned the raw SQL queries, exposing statements which were supposed to be executed under the hood, and protected from being displayed publicly. This issue has been fixed as of v2.2.0."}], "source": {"advisory": "GHSA-92gp-jfgx-9qpv", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-12T17:50:05.033697Z", "id": "CVE-2026-31841", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-12T17:50:15.398Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-31841", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-12T17:50:05.033697Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-12T17:50:08.930Z"}}], "cna": {"title": "Raw exposure of database statements in Hyperterse MCP search tool", "source": {"advisory": "GHSA-92gp-jfgx-9qpv", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "hyperterse", "product": "hyperterse", "versions": [{"status": "affected", "version": ">= 2.0.0, < 2.2.0"}]}], "references": [{"url": "https://github.com/hyperterse/hyperterse/security/advisories/GHSA-92gp-jfgx-9qpv", "name": "https://github.com/hyperterse/hyperterse/security/advisories/GHSA-92gp-jfgx-9qpv", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/hyperterse/hyperterse/releases/tag/v2.2.0", "name": "https://github.com/hyperterse/hyperterse/releases/tag/v2.2.0", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Hyperterse is a tool-first MCP framework for building AI-ready backend surfaces from declarative config. Prior to v2.2.0, the search tool allows LLMs to search for tools using natural language. While returning results, Hyperterse also returned the raw SQL queries, exposing statements which were supposed to be executed under the hood, and protected from being displayed publicly. This issue has been fixed as of v2.2.0."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-433", "description": "CWE-433: Unparsed Raw Web Content Delivery"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-12T17:03:32.818Z"}}}, "cveMetadata": {"cveId": "CVE-2026-31841", "state": "PUBLISHED", "dateUpdated": "2026-03-12T17:50:15.398Z", "dateReserved": "2026-03-09T17:41:56.078Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-12T17:03:32.818Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hyperterse:hyperterse:*:*:*:*:*:*:*:*", "matchCriteriaId": "24A50F24-DD95-48E6-A2B8-B89E1D7E7CCD", "versionEndExcluding": "2.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Hyperterse is a tool-first MCP framework for building AI-ready backend surfaces from declarative config. Prior to v2.2.0, the search tool allows LLMs to search for tools using natural language. While returning results, Hyperterse also returned the raw SQL queries, exposing statements which were supposed to be executed under the hood, and protected from being displayed publicly. This issue has been fixed as of v2.2.0."}, {"lang": "es", "value": "Hyperterse es un framework MCP centrado en herramientas para construir superficies de backend listas para IA a partir de configuraci\u00f3n declarativa. Antes de la v2.2.0, la herramienta de b\u00fasqueda permite a los LLM buscar herramientas usando lenguaje natural. Al devolver resultados, Hyperterse tambi\u00e9n devolv\u00eda las consultas SQL sin procesar, exponiendo sentencias que se supon\u00eda que deb\u00edan ejecutarse bajo el cap\u00f3 y protegidas de ser mostradas p\u00fablicamente. Este problema ha sido solucionado a partir de la v2.2.0."}], "id": "CVE-2026-31841", "lastModified": "2026-03-19T17:35:21.330", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 2.5, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-12T17:16:51.050", "references": [{"source": "security-advisories@github.com", "tags": ["Product", "Release Notes"], "url": "https://github.com/hyperterse/hyperterse/releases/tag/v2.2.0"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://github.com/hyperterse/hyperterse/security/advisories/GHSA-92gp-jfgx-9qpv"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-433"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[2.0.0,2.2.0)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "hyperterse", "source": "cna", "vendor": "hyperterse"}, "product": "hyperterse", "vendor": "hyperterse"}], "analysis": {"en": {"generated_at": "2026-03-19T18:27:55.304824+00:00", "value": {"mitigation_remediation": ["Upgrade Hyperterse to version 2.2.0 or later to remove SQL query disclosure."], "summary": {"action": "Apply Patch", "impact": "Information Disclosure"}, "threat_synthesis": {"affected_systems": "All Hyperterse deployments running any version earlier than the release labeled v2.2.0 are affected. The product family is identified by the CPE string cpe:2.3:a:hyperterse:hyperterse:*:*:*:*:*:*:*:*. The fix was released in version 2.2.0, where the search tool was modified to omit the raw SQL queries from the response.", "description_and_impact": "Hyperterse\u2019s search tool exposed raw SQL statements that were meant to run only internally and not be shown to users or external systems. By returning the fully qualified queries as part of the search results, the tool inadvertently leaked sensitive database logic and schema details. This contemporary vulnerability aligns with CWE\u2011433 and can give a malicious actor or an LLM-based application a clear view of the database structure, potentially facilitating targeted injection attempts or other exploitation strategies. The confidentiality impact is significant, as the attacker learns how data is accessed and may identify opportunities for privilege escalation or data extraction.", "risk_and_exploitability": "The CVSS v3.1 score of 6.5 indicates a medium severity, and an EPSS score of less than 1% suggests a low probability of currently observed exploitation. The vulnerability is not listed in the CISA KEV catalog, implying no known widespread active exploitation. The attack vector is likely internal to the application or via an LLM integrated with the search tool, as the disclosure occurs when search results are generated. While no public exploit has been documented, the information revealed by the vulnerable code could assist an attacker in crafting more effective injection attacks or mapping the database schema."}}}}, "created": "2026-03-13T09:50:55.147952+00:00", "updated": "2026-03-20T15:48:51.858331+00:00", "vendors": ["hyperterse", "hyperterse$PRODUCT$hyperterse"]}