MySQL query server based on the MCP sse.Multi-level SQL risk control & injection protection Docker support for quick deployment
Config is the same across clients — only the file and path differ.
{
"mcpServers": {
"mysql-mcp-server-sse": {
"args": [
"cryptography"
],
"command": "uvx"
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
本项目是基于MCP框架的MySQL查询服务器,支持通过SSE协议进行实时数据库操作,具备完善的安全、日志、配置和敏感信息保护机制,适用于开发、测试和生产环境下的安全MySQL数据访问。
Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.
uvx 'cryptography' 2>&1 | head -1 && echo "✓ Server started successfully"
After testing, let us know if it worked:
Five weighted categories — click any category to see the underlying evidence.
Vulnerable OpenSSL included in cryptography wheels
pyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in wheels prior to cryptograph 48.01 are vulnerable to a security issue. More details about the vulnerability itself can be found in https://openssl-library.org/news/secadv/20260609.txt. If you are building cryptography source ("sdist") then you are responsible for upgrading your copy of OpenSSL. Only users installing from wheels built by the cryptography project (i.e., those distributed on
PYSEC-2026-36
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted Python buffers (e.g. Hash.update()), this could lead to buffer overflows. This vulnerability is fixed in 46.0.7.
PYSEC-2026-35
cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Prior to version 46.0.6, DNS name constraints were only validated against SANs within child certificates, and not the "peer name" presented during each validation. Consequently, cryptography would allow a peer named bar.example.com to validate against a wildcard leaf certificate for *.example.com, even if the leaf's parent certificate (or upwards) contained an excluded subtree constraint for b
cryptography Vulnerable to a Subgroup Attack Due to Missing Subgroup Validation for SECT Curves
## Vulnerability Summary The `public_key_from_numbers` (or `EllipticCurvePublicNumbers.public_key()`), `EllipticCurvePublicNumbers.public_key()`, `load_der_public_key()` and `load_pem_public_key()` functions do not verify that the point belongs to the expected prime-order subgroup of the curve. This missing validation allows an attacker to provide a public key point `P` from a small-order subgroup. This can lead to security issues in various situations, such as the most commonly used signatur
Vulnerable OpenSSL included in cryptography wheels
pyca/cryptography's wheels include a statically linked copy of OpenSSL. The versions of OpenSSL included in cryptography 42.0.0-44.0.0 are vulnerable to a security issue. More details about the vulnerability itself can be found in https://openssl-library.org/news/secadv/20250211.txt. If you are building cryptography source ("sdist") then you are responsible for upgrading your copy of OpenSSL. Only users installing from wheels built by the cryptography project (i.e., those distributed on PyPI) n
Click any tool to inspect its schema.
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
Sign in to write a review.
Others in data
Query and manage PostgreSQL databases directly from AI assistants
Zero-dependency, token-efficient database MCP server for Postgres, MySQL, SQL Server, MariaDB, SQLite.
Manage Supabase projects — databases, auth, storage, and edge functions
🔥 Official Firecrawl MCP Server - Adds powerful web scraping and search to Cursor, Claude and any other LLM clients.
MCP Security Weekly
Get CVE alerts and security updates for Mysql Mcp Server Sse and similar servers.
Start a conversation
Ask a question, share a tip, or report an issue.
Sign in to join the discussion.
本项目是基于MCP框架的MySQL查询服务器,支持通过SSE协议进行实时数据库操作,具备完善的安全、日志、配置和敏感信息保护机制,适用于开发、测试和生产环境下的安全MySQL数据访问。
This project is a MySQL query server based on the MCP framework, supporting real-time database operations via SSE protocol. It features comprehensive security, logging, configuration, and sensitive information protection mechanisms, suitable for secure MySQL data access in development, testing, and production environments.
基于FastMCP框架,异步高性能
支持高并发的数据库连接池,参数灵活可调
支持SSE实时推送
丰富的MySQL元数据与结构查询API
自动事务管理与回滚
多级SQL风险控制与注入防护
数据库隔离安全:防止跨数据库访问,支持三级访问控制
敏感信息自动隐藏与自定义
灵活的环境变量配置
完善的日志与错误处理
Docker支持,快速部署
Built on FastMCP framework, high-performance async
Connection pool for high concurrency, with flexible parameter tuning
SSE real-time push support
Rich MySQL metadata & schema query APIs
Automatic transaction management & rollback
Multi-level SQL risk control & injection protection
Database Isolation Security: Prevents cross-database access with 3-level access control
Automatic and customizable sensitive info masking
Flexible environment variable configuration
Robust logging & error handling
Docker support for quick deployment
# 拉取镜像
docker pull mangooer/mysql-mcp-server-sse:latest
# 运行容器
docker run -d \
--name mysql-mcp-server-sse \
-e HOST=0.0.0.0 \
-e PORT=3000 \
-e MYSQL_HOST=your_mysql_host \
-e MYSQL_PORT=3306 \
-e MYSQL_USER=your_mysql_user \
-e MYSQL_PASSWORD=your_mysql_password \
-e MYSQL_DATABASE=your_database \
-p 3000:3000 \
mangooer/mysql-mcp-server-sse:latest
Windows PowerShell 格式:
docker run -d `
--name mysql-mcp-server-sse `
-e HOST=0.0.0.0 `
-e PORT=3000 `
-e MYSQL_HOST=your_mysql_host `
-e MYSQL_PORT=3306 `
-e MYSQL_USER=your_mysql_user `
-e MYSQL_PASSWORD=your_mysql_password `
-e MYSQL_DATABASE=your_database `
-p 3000:3000 `
mangooer/mysql-mcp-server-sse:latest
pip install -r requirements.txt
复制.env.example为.env,并根据实际情况修改。
Copy .env.example to .env and modify as needed.
python -m src.server
默认监听:http://127.0.0.1:3000/sse Default endpoint: http://127.0.0.1:3000/sse
.
├── src/
│ ├── server.py # 主服务器入口 / Main server entry
│ ├── config.py # 配置项定义 / Config definitions
│ ├── validators.py # 参数校验 / Parameter validation
│ ├── db/
│ │ └── mysql_operations.py # 数据库操作 / DB operations
│ ├── security/
│ │ ├── interceptor.py # SQL拦截 / SQL interception
│ │ ├── query_limiter.py # 风险控制 / Risk control
│ │ └── sql_analyzer.py # SQL分析 / SQL analysis
│ └── tools/
│ ├── mysql_tool.py # 基础查询 / Basic query
│ ├── mysql_metadata_tool.py # 元数据查询 / Metadata query
│ ├── mysql_info_tool.py # 信息查询 / Info query
│ ├── mysql_schema_tool.py # 结构查询 / Schema query
│ └── metadata_base_tool.py # 工具基类 / Tool base class
├── tests/ # 测试 / Tests
├── .env.example # 环境变量示例 / Env example
└── requirements.txt # 依赖 / Requirements
| 变量名 / Variable | 说明 / Description | 默认值 / Default |
|---|---|---|
| HOST | 服务器监听地址 / Server listen address | 127.0.0.1 |
| PORT | 服务器监听端口 / Server listen port | 3000 |
| MYSQL_HOST | MySQL服务器地址 / MySQL server host | localhost |
| MYSQL_PORT | MySQL服务器端口 / MySQL server |