php-mcp/changelog/2026/jan/security.md

# Core-MCP - January 2026 - Security Fixes

## Critical

### Database Connection Validation

Fixed fallback behavior that could bypass read-only connection configuration.

**Issue:** QueryDatabase tool would silently fall back to default database connection if configured MCP connection was invalid.

**Fix:** Now throws `RuntimeException` with clear error message when configured connection doesn't exist.

**Files:**
- `Tools/QueryDatabase.php` - Added connection validation

**Impact:** Prevents accidental queries against production read-write connections.

---

## High Priority

### SQL Query Validator Strengthening

Restricted WHERE clause patterns to prevent SQL injection vectors.

**Issue:** Whitelist regex patterns used `.+` which was too permissive for WHERE clause validation.

**Fix:** Replaced with strict character class restrictions:
- Only allows: alphanumeric, spaces, backticks, operators, quotes, parentheses
- Explicitly supports AND/OR logical operators
- Blocks function calls and subqueries
- Prevents nested SELECT statements

**Files:**
- `Services/SqlQueryValidator.php` - Updated DEFAULT_WHITELIST patterns

**Before:**
```php
'/^\s*SELECT\s+.*\s+FROM\s+`?\w+`?(\s+WHERE\s+.+)?/i'
```

**After:**
```php
'/^\s*SELECT\s+.*\s+FROM\s+`?\w+`?(\s+WHERE\s+[\w\s`.,!=<>\'"%()]+(\s+(AND|OR)\s+[\w\s`.,!=<>\'"%()]+)*)?/i'
```

**Defense in depth:**
- Read-only database user (infrastructure)
- Blocked keywords (application)
- Pattern validation (application)
- Whitelist matching (application)
- Table access controls (application)
monorepo sepration 2026-01-26 20:57:41 +00:00			`# Core-MCP - January 2026 - Security Fixes`

			`## Critical`

			`### Database Connection Validation`

			`Fixed fallback behavior that could bypass read-only connection configuration.`

			`Issue: QueryDatabase tool would silently fall back to default database connection if configured MCP connection was invalid.`

			Fix: Now throws `RuntimeException` with clear error message when configured connection doesn't exist.

			`Files:`
			- `Tools/QueryDatabase.php` - Added connection validation

			`Impact: Prevents accidental queries against production read-write connections.`

			`---`

			`## High Priority`

			`### SQL Query Validator Strengthening`

			`Restricted WHERE clause patterns to prevent SQL injection vectors.`

			Issue: Whitelist regex patterns used `.+` which was too permissive for WHERE clause validation.

			`Fix: Replaced with strict character class restrictions:`
			`- Only allows: alphanumeric, spaces, backticks, operators, quotes, parentheses`
			`- Explicitly supports AND/OR logical operators`
			`- Blocks function calls and subqueries`
			`- Prevents nested SELECT statements`

			`Files:`
			- `Services/SqlQueryValidator.php` - Updated DEFAULT_WHITELIST patterns

			`Before:`
			```php
			'/^\sSELECT\s+.\s+FROM\s+`?\w+`?(\s+WHERE\s+.+)?/i'
			```

			`After:`
			```php
			'/^\sSELECT\s+.\s+FROM\s+`?\w+`?(\s+WHERE\s+[\w\s`.,!=<>\'"%()]+(\s+(AND\|OR)\s+[\w\s`.,!=<>\'"%()]+)*)?/i'
			```

			`Defense in depth:`
			`- Read-only database user (infrastructure)`
			`- Blocked keywords (application)`
			`- Pattern validation (application)`
			`- Whitelist matching (application)`
			`- Table access controls (application)`