CVE-2026-55837: dbt MCP Server: Unauthenticated OAuth Context Endpoint Leaks dbt Platform Tokens
The local OAuth helper FastAPI server bundled with dbt-mcp exposes the GET /dbt_platform_context endpoint without any form of authentication or host-origin validation. After a user completes the OAuth login flow against dbt Cloud (cloud.getdbt.com), the endpoint returns the full DbtPlatformContext object — including the victim’s access_token and refresh_token for the dbt Platform API — verbatim to any caller that can reach 127.0.0.1:6785. An attacker who can direct the victim’s browser to the helper origin via DNS rebinding, or who has co-located process access on the same host, can silently exfiltrate both tokens. The stolen bearer token grants full dbt Cloud API access as the victim; the refresh token enables persistent access beyond the original token’s expiry. CVSS Base Score: 8.0 (High).
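The two conditions the advisory names, no authentication on the endpoint and no host-origin validation, each map to a concrete check a localhost helper can apply before handing out tokens. The following is an added example written for this page, not dbt-mcp's own code: a minimal standard-library HTTP handler that serves a `/dbt_platform_context` endpoint on 127.0.0.1:6785 only when the `Host` header names the loopback origin (so a DNS-rebound hostname is rejected) and the caller presents a per-launch secret (so an arbitrary co-located process cannot fetch the context). The helper secret, the `ALLOWED_HOSTS` set, the `HELPER_SECRET` hand-off to the MCP process, and the sample context contents are all assumptions for illustration; the response also drops `refresh_token`, on the assumption that the consumer only needs the access token.

```python
"""Added example (not dbt-mcp's code): hardening a localhost OAuth helper endpoint.

Mitigations shown:
  1. Host-header allow-list. A DNS-rebinding page sends its own hostname in the
     Host header, not 127.0.0.1:6785, so the request is refused.
  2. Per-launch shared secret in an Authorization header. A process on the same
     host that cannot read the secret cannot fetch the context.
  3. The refresh token is never returned to the caller (design assumption).
"""
import hmac
import json
import secrets
from http.server import BaseHTTPRequestHandler, HTTPServer
from typing import Mapping, Optional, Tuple

LISTEN_HOST = "127.0.0.1"
LISTEN_PORT = 6785  # port named in the advisory
ALLOWED_HOSTS = {f"127.0.0.1:{LISTEN_PORT}", f"localhost:{LISTEN_PORT}"}

# Generated fresh on every launch; assumed to be passed to the MCP process out of
# band (e.g. via its stdin), never over the HTTP interface itself.
HELPER_SECRET = secrets.token_urlsafe(32)

# Constructed sample context. Field names follow the advisory; values are placeholders.
SAMPLE_CONTEXT = {
    "access_token": "constructed-access-token",
    "refresh_token": "constructed-refresh-token",
    "account_id": 0,
}


def check_request(headers: Mapping[str, str], expected_secret: str) -> Optional[Tuple[int, str]]:
    """Return None if the caller may receive the context, else (status, reason).

    `headers` is a mapping with lower-cased header names.
    """
    host = headers.get("host", "").strip().lower()
    if host not in ALLOWED_HOSTS:
        return (403, "host not allowed")
    scheme, _, token = headers.get("authorization", "").partition(" ")
    # Constant-time comparison on bytes so a non-ASCII token cannot raise TypeError.
    if scheme.lower() != "bearer" or not hmac.compare_digest(
        token.strip().encode(), expected_secret.encode()
    ):
        return (401, "missing or invalid helper secret")
    return None


def redact_context(ctx: Mapping[str, object]) -> dict:
    """Copy the context without the refresh token; the access token alone is returned."""
    out = dict(ctx)
    out.pop("refresh_token", None)
    return out


class ContextHandler(BaseHTTPRequestHandler):
    def do_GET(self) -> None:
        if self.path != "/dbt_platform_context":
            self._send(404, {"error": "not found"})
            return
        hdrs = {k.lower(): v for k, v in self.headers.items()}
        denied = check_request(hdrs, HELPER_SECRET)
        if denied is not None:
            self._send(denied[0], {"error": denied[1]})
            return
        self._send(200, redact_context(SAMPLE_CONTEXT))

    def _send(self, status: int, body: dict) -> None:
        data = json.dumps(body).encode()
        self.send_response(status)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)


if __name__ == "__main__":
    # Bound to loopback only; the secret is printed here purely for local testing.
    print(f"helper secret (pass to the client out of band): {HELPER_SECRET}")
    HTTPServer((LISTEN_HOST, LISTEN_PORT), ContextHandler).serve_forever()
```

The Host check is the part that addresses the browser-side vector: after rebinding, the page's fetch still carries the attacker-controlled hostname in `Host`, which the allow-list refuses. The secret check is what distinguishes the legitimate MCP process from any other local caller; binding to 127.0.0.1 on its own does neither.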