258: CVEs, MCPs, and Petabyte Dreams

News includes the first CVE released under EEF's new CNA program for an Erlang zip traversal vulnerability, Phoenix MacroComponents being delayed for greater potential, Supabase announcing Multigres - a Vitess-like proxy for scaling Postgres to petabyte scale, a surge of new MCP server implementations for Phoenix and Plug including Phantom, HermesMCP, ExMCP, Vancouver, and Excom, a fun blog post revealing that Erlang was the only language that didn't crash under extreme load testing against 6 other languages, LiveDebugger v0.3.0 being teased with Firefox extension support and enhanced debugging capabilities, and more! Show Notes online - http://podcast.thinkingelixir.com/258 (http://podcast.thinkingelixir.com/258) Elixir Community News https://www.honeybadger.io/ (https://www.honeybadger.io/utm_source=thinkingelixir&utm_medium=podcast) – Honeybadger.io is sponsoring today's show! Keep your apps healthy and your customers happy with Honeybadger! It's free to get started, and setup takes less than five minutes. https://cna.erlef.org/cves/cve-2025-4748.html (https://cna.erlef.org/cves/cve-2025-4748.html?utm_source=thinkingelixir&utm_medium=shownotes) – New CVE for Erlang regarding zip traversal - 4.8 severity (medium) with workaround available or update to latest patched OTP versions First CVE released under the EEF's new CNA (CVE Numbering Authority) program - a successful process milestone https://bsky.app/profile/steffend.me/post/3lrlhd5etkc2p (https://bsky.app/profile/steffend.me/post/3lrlhd5etkc2p?utm_source=thinkingelixir&utm_medium=shownotes) – Phoenix MacroComponents is being delayed in search of greater potential https://github.com/phoenixframework/phoenixliveview/pull/3846 (https://github.com/phoenixframework/phoenix_live_view/pull/3846?utm_source=thinkingelixir&utm_medium=shownotes) – Draft PR for Phoenix MacroComponents development https://x.com/supabase/status/1933627932972376097 (https://x.com/supabase/status/1933627932972376097?utm_source=thinkingelixir&utm_medium=shownotes) – Supabase announcement of Multigres project https://supabase.com/blog/multigres-vitess-for-postgres (https://supabase.com/blog/multigres-vitess-for-postgres?utm_source=thinkingelixir&utm_medium=shownotes) – Multigres - Vitess for Postgres, announcement of a new proxy for scaling Postgres databases to petabyte scale https://github.com/multigres/multigres (https://github.com/multigres/multigres?utm_source=thinkingelixir&utm_medium=shownotes) – Multigres GitHub repository Sugu, co-creator of Vitess, has joined Supabase to build Multigres https://hex.pm/packages/phantom_mcp (https://hex.pm/packages/phantom_mcp?utm_source=thinkingelixir&utm_medium=shownotes) – Phantom MCP server - comprehensive implementation supporting Streamable HTTP with Phoenix/Plug integration https://hex.pm/packages/hermes_mcp (https://hex.pm/packages/hermes_mcp?utm_source=thinkingelixir&utm_medium=shownotes) – HermesMCP - comprehensive MCP server with client, stdio and Plug adapters https://hex.pm/packages/ex_mcp (https://hex.pm/packages/ex_mcp?utm_source=thinkingelixir&utm_medium=shownotes) – ExMCP - comprehensive MCP implementation with client, server, stdio and Plug adapters, uses Horde for distribution https://hex.pm/packages/vancouver (https://hex.pm/packages/vancouver?utm_source=thinkingelixir&utm_medium=shownotes) – Vancouver MCP server - simple implementation supporting only tools https://hex.pm/packages/excom (https://hex.pm/packages/excom?utm_source=thinkingelixir&utm_medium=shownotes) – Excom MCP server - simple implementation supporting only tools https://www.youtube.com/watch?v=4dzZ44-xVds (https://www.youtube.com/watch?v=4dzZ44-xVds?utm_source=thinkingelixir&utm_medium=shownotes) – AshAI video demo showing incredible introspection capabilities for MCP frameworks https://freedium.cfd/https:/medium.com/@codeperfect/we-tested-7-languages-under-extreme-load-and-only-one-didnt-crash-it-wasn-t-what-we-expected-67f84c79dc34 (https://freedium.cfd/https:/medium.com/@codeperfect/we-tested-7-languages-under-extreme-load-and-only-one-didnt-crash-it-wasn-t-what-we-expected-67f84c79dc34?utm_source=thinkingelixir&utm_medium=shownotes) – Blog post comparing 7 languages under extreme load - Erlang was the only one that didn't crash https://github.com/software-mansion/live-debugger (https://github.com/software-mansion/live-debugger?utm_source=thinkingelixir&utm_medium=shownotes) – LiveDebugger v0.3.0 release being teased with new features https://bsky.app/profile/membrane-swmansion.bsky.social/post/3lrb4kpmmw227 (https://bsky.app/profile/membrane-swmansion.bsky.social/post/3lrb4kpmmw227?utm_source=thinkingelixir&utm_medium=shownotes) – Software Mansion preview of LiveDebugger v0.3.0 features including Firefox extension and enhanced debugging capabilities https://smartlogic.io/podcast/elixir-wizards/s14-e03-langchain-llm-integration-elixir/ (https://smartlogic.io/podcast/elixir-wizards/s14-e03-langchain-llm-integration-elixir/?utm_source=thinkingelixir&utm_medium=shownotes) – Elixir Wizards podcast episode featuring discussion with Mark Ericksen on the Elixir LangChain project for LLM integration Do you have some Elixir news to share? Tell us at @ThinkingElixir (https://twitter.com/ThinkingElixir) or email at show@thinkingelixir.com (mailto:show@thinkingelixir.com) Find us online - Message the show - Bluesky (https://bsky.app/profile/thinkingelixir.com) - Message the show - X (https://x.com/ThinkingElixir) - Message the show on Fediverse - @ThinkingElixir@genserver.social (https://genserver.social/ThinkingElixir) - Email the show - show@thinkingelixir.com (mailto:show@thinkingelixir.com) - Mark Ericksen on X - @brainlid (https://x.com/brainlid) - Mark Ericksen on Bluesky - @brainlid.bsky.social (https://bsky.app/profile/brainlid.bsky.social) - Mark Ericksen on Fediverse - @brainlid@genserver.social (https://genserver.social/brainlid) - David Bernheisel on Bluesky - @david.bernheisel.com (https://bsky.app/profile/david.bernheisel.com) - David Bernheisel on Fediverse - @dbern@genserver.social (https://genserver.social/dbern)