CVE-2025-59333: @executeautomation/database-server does not properly restrict access, bypassing a "read-only" mode
The MCP Server provided by ExecuteAutomation at https://github.com/executeautomation/mcp-database-server, distributed via the npm package @executeautomation/database-server, provides an MCP interface through which agentic workflows interact with different kinds of database servers, such as PostgreSQL. However, the mcp-database-server fails to implement security controls that actually enforce its "read-only" mode. A client that is supposedly limited to read-only access can therefore abuse the affected database servers such as PostgreSQL (and potentially other database servers that expose elevated functionality), which may result in denial of service and other unexpected behavior.
This MCP Server is also publicly published in the npm registry: https://www.npmjs.com/package/@executeautomation/database-server
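To make concrete what an unenforced "read-only" mode looks like, the following is an added example written for this page; it is not code from @executeautomation/database-server, and the function names, the sample queries, the 5000 ms default timeout and the node-postgres-style client shape are assumptions. It contrasts a keyword-prefix gate, which is what read-only checks in database proxies often amount to, with server-side enforcement through a PostgreSQL read-only transaction, a statement timeout and a single-statement rule.

```javascript
// Added example (not the project's code): a keyword-based "read-only" gate
// versus enforcement by the database itself. Names, queries and the client
// shape below are assumptions made for illustration.

const READ_PREFIXES = new Set(['SELECT', 'WITH', 'SHOW', 'EXPLAIN']);

// A prefix gate: allow the statement if its first keyword "looks like" a read.
function naiveReadOnlyCheck(sql) {
  const m = /^\s*([A-Za-z]+)/.exec(sql);
  return m !== null && READ_PREFIXES.has(m[1].toUpperCase());
}

// Constructed inputs that pass naiveReadOnlyCheck but are not read-only in
// PostgreSQL: a data-modifying CTE, a stacked second statement, and a volatile
// function call that occupies a backend for as long as the caller chooses.
const CONSTRUCTED_BYPASSES = [
  'WITH gone AS (DELETE FROM orders RETURNING *) SELECT count(*) FROM gone',
  'SELECT 1; DROP TABLE orders',
  'SELECT pg_sleep(600)',
];

// Split SQL text on statement-separating semicolons, ignoring semicolons inside
// single-quoted literals, double-quoted identifiers and -- line comments.
// Limitation (by design, keep it simple): dollar quoting and /* */ comments are
// not handled, which is why this is a defense-in-depth check, not the boundary.
function splitStatements(sql) {
  const out = [];
  let cur = '';
  let quote = null;
  for (let i = 0; i < sql.length; i++) {
    const ch = sql[i];
    if (quote) {
      cur += ch;
      if (ch === quote) {
        if (sql[i + 1] === quote) { cur += quote; i++; } // doubled-quote escape
        else quote = null;
      }
    } else if (ch === "'" || ch === '"') {
      quote = ch; cur += ch;
    } else if (ch === '-' && sql[i + 1] === '-') {
      while (i < sql.length && sql[i] !== '\n') i++;   // drop line comment
    } else if (ch === ';') {
      if (cur.trim()) out.push(cur.trim());
      cur = '';
    } else {
      cur += ch;
    }
  }
  if (cur.trim()) out.push(cur.trim());
  return out;
}

// The statements a hardened read-only path sends, in order. PostgreSQL rejects
// INSERT/UPDATE/DELETE/DDL inside a READ ONLY transaction (SQLSTATE 25006),
// statement_timeout bounds how long any one statement can hold the backend,
// and the transaction is always rolled back. statement_timeout cannot be
// parameterised, so the value is coerced to a positive integer before being
// interpolated.
function readOnlyEnvelope(sql, timeoutMs = 5000) {
  const stmts = splitStatements(sql);
  if (stmts.length !== 1) throw new Error('exactly one statement is allowed');
  const ms = Math.max(1, Math.floor(Number(timeoutMs) || 0));
  return ['BEGIN', 'SET TRANSACTION READ ONLY', `SET LOCAL statement_timeout = ${ms}`, stmts[0], 'ROLLBACK'];
}

// Run the envelope against a node-postgres-style client (assumed shape:
// query(text, values) returning a promise). Bind parameters are passed only
// with the user statement, never with the SET commands.
async function runReadOnly(client, sql, params = [], timeoutMs = 5000) {
  const [begin, setRo, setTimeout_, stmt] = readOnlyEnvelope(sql, timeoutMs);
  await client.query(begin);
  try {
    await client.query(setRo);
    await client.query(setTimeout_);
    return await client.query(stmt, params);
  } finally {
    await client.query('ROLLBACK');
  }
}

// Stand-alone demonstration with a constructed in-memory client.
class LoggingClient {
  constructor() { this.log = []; }
  async query(text) { this.log.push(text); return { rows: [] }; }
}

for (const q of CONSTRUCTED_BYPASSES) {
  console.log(`naive gate allows: ${naiveReadOnlyCheck(q)}  statements: ${splitStatements(q).length}  ${q}`);
}
const demo = new LoggingClient();
runReadOnly(demo, 'SELECT id FROM orders WHERE id = $1', [42]).then(() => console.log(demo.log));
```

Note what the envelope does not cover: a READ ONLY transaction still lets a caller execute `SELECT pg_sleep(...)` or any other volatile function that does not write, so the timeout is what limits resource exhaustion, and functions that signal other sessions are blocked only by connecting as a least-privilege role that lacks pg_signal_backend and superuser. A read-only mode that depends on inspecting query text, as the advisory describes, gives none of these guarantees.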
Detect and mitigate CVE-2025-59333 with GitLab Dependency Scanning