A vulnerability was found in Apache Doris MCP Server up to 0.6.0. It has been rated as critical. The impacted element is an unknown function. This manipulation causes sql injection.
This vulnerability is tracked as CVE-2025-66335. The attack is possible to be carried out remotely. No exploit exists.
Upgrading the affected component is advised.
