Oracle MCP Server Helper Tool Vulnerability Allows Malicious SQL Execution
The National Vulnerability Database has disclosed CVE-2026-35228, a high-severity vulnerability affecting Oracle MCP Server Helper Tool versions 1.0.1 through 1.0.156. This flaw, rated 8.7 CVSS, is easily exploitable by an unauthenticated attacker via HTTP network access. No complex prerequisites are needed; the attacker only requires network reachability.
Successful exploitation of this vulnerability allows the execution of malicious SQL commands within the Oracle MCP Server Helper Tool. This type of arbitrary SQL execution can lead to significant data compromise, manipulation, or even system-level access, depending on the privileges of the underlying database connection. It’s a direct path to critical data integrity and confidentiality issues.
Defenders must prioritize patching. The ease of exploitation combined with the unauthenticated nature makes this a prime target for opportunistic attackers. Organizations using the affected Oracle MCP Server Helper Tool versions need to immediately review their patch management cycles and apply available updates.
What This Means For You
- If your organization utilizes Oracle MCP Server Helper Tool, check your version immediately. Any deployment running versions 1.0.1 through 1.0.156 is vulnerable to unauthenticated, network-based SQL injection. Prioritize patching this flaw without delay to prevent malicious SQL execution and potential data breaches.
Related ATT&CK Techniques
🛡️ Detection Rules
3 rules · 6 SIEM formats3 detection rules auto-generated for this incident, mapped to MITRE ATT&CK. Sigma YAML is free — export to any SIEM format via the Intel Bot.
CVE-2026-35228 - Oracle MCP Server Helper Tool SQL Injection
title: CVE-2026-35228 - Oracle MCP Server Helper Tool SQL Injection
id: scw-2026-05-05-ai-1
status: experimental
level: critical
description: |
Detects attempts to exploit CVE-2026-35228 by looking for specific URI paths and SQL injection patterns within the query string targeting the Oracle MCP Server Helper Tool.
author: SCW Feed Engine (AI-generated)
date: 2026-05-05
references:
- https://shimiscyberworld.com/posts/nvd-CVE-2026-35228/
tags:
- attack.initial_access
- attack.t1190
logsource:
category: webserver
detection:
selection:
cs-uri|contains:
- '/mcp/server/helper'
cs-uri-query|contains:
- "' OR '1'='1"
- "' UNION SELECT"
condition: selection
falsepositives:
- Legitimate administrative activity
Source: Shimi's Cyber World · License & reuse
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-35228 | SQLi | Oracle MCP Server Helper Tool version 1.0.1-1.0.156 |
| CVE-2026-35228 | SQLi | Oracle Open Source Projects component: helper tool |
| CVE-2026-35228 | SQLi | Network access via HTTP |
Written by SCW Vulnerability Desk
Source & Attribution
| Source Platform | NVD |
| Channel | National Vulnerability Database |
| Published | May 05, 2026 at 07:16 UTC |
This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.
Believe this infringes your rights? Submit a takedown request.
Related coverage
CVE-2026-7823: Critical Command Injection in Totolink A8000RU Routers
CVE-2026-7823 — A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. Affected is the function setAppFilterCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the...
CVE-2026-7822 — Itsourcecode Courier Management System SQL Injection
CVE-2026-7822 — A vulnerability was identified in itsourcecode Courier Management System 1.0. This impacts an unknown function of the file /print_pdets.php. The manipulation of the...
CVE-2026-7812: Remote Command Injection in 54yyyu code-mcp MCP Tool
CVE-2026-7812 — A vulnerability was found in 54yyyu code-mcp up to 4cfc4643541a110c906d93635b391bf7e357f4a8. The impacted element is the function git_operation of the file src/code_mcp/server.py of the...