Highlights
Information Disclosure: 2 prior fixes. Scrutinize any change in this area.
packages/mongodb-atlas-mcp-remote/src/cli.ts: most-fixed (1 issue). Treat as high-risk during review.
0 high-severity fixes in this history; regressions here are high-impact.
Recurring patterns
The bug types that recur here, drawn from past fixes, not open vulnerabilities.
Information Disclosure: Sensitive credentials, including AWS KMS keys and auto-encryption connection options, can be exposed via JSON.stringify during configuration representation if they are not explicitly filtered.
Privilege Escalation: A logic flaw in privilege evaluation can result in the automatic provisioning of 'readWriteAnyDatabase' credentials even when write tools are explicitly disabled in the configuration.
Cryptographic Issues: Sensitive API tokens and database credentials risk plaintext persistence on disk if stored inside plain-text state files rather than leveraging the platform's native keyring services.