2 matches found
CVE-2026-42463
SQLBot is an intelligent Text-to-SQL system based on large language models and RAG. Prior to 1.8.0, SQLBot contains a Cross-Workspace IDOR Insecure Direct Object Reference and Authorization Bypass vulnerability in the /api/v1/datasource/exportDsSchema and /api/v1/datasource/uploadDsSchema...
SQLBot 安全漏洞
SQLBot is an intelligent data querying system developed by DataEase, based on large models and RAG techniques. Versions of SQLBot prior to 1.8.0 contained security vulnerabilities. These vulnerabilities stemmed from cross-workpace IDOR and authorization bypasses in the...