Authentication Bypass in Google APIs' MCP Toolbox
CVE-2026-11717

9.3CRITICAL

Key Information:

Vendor: Google
Status: Mcp Toolbox For Databases (googleapis/mcp-toolbox)
Vendor: CVE Published:; 18 June 2026

What is CVE-2026-11717?

An authentication bypass vulnerability has been identified in the validation process of opaque tokens within Google APIs' MCP Toolbox. During the token verification via the OAuth 2.0 introspection endpoint, the system fails to reject tokens when the mandatory 'active' key is omitted from the response. This oversight allows potentially unauthorized access to protected tools and data sources, as the condition to verify the token's activity may inadvertently be bypassed. Proper implementation and careful examination of the introspection endpoint responses are crucial to maintain security.

Affected Version(s)

MCP Toolbox for Databases (googleapis/mcp-toolbox) 1.0.0 <= 1.3.0

References

https://github.com/googleapis/mcp-toolbox/pull/3341

CVSS V4

Score:

9.3

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 18, 2026
Vulnerability Reserved
Jun 9, 2026

Credit

HaoNH Leader Redteam From VINCSS ( Member Of Vingroup )

CVE-2026-11717 Data

JSON