Lucene search
K

140 matches found

OSV
OSV
added last week3 views

GHSA-RH62-J648-G5QC Recce server has unauthenticated SQL execution that allows local file read/write through DuckDB

Impact Recce OSS server deployments that expose the server to an untrusted network without authentication are vulnerable to unauthenticated SQL execution through the query run API. When Recce is configured with a DuckDB-backed project, an attacker can use DuckDB filesystem primitives to read and...

7.8CVSS5.9AI score
Exploits0References3
OSV
OSV
added 2026/06/25 10:34 p.m.5 views

GO-2026-5523 Arc has an authenticated arbitrary local-file read via DuckDB I/O functions that bypasses RBAC table-level checks in github.com/basekick-labs/arc

Arc has an authenticated arbitrary local-file read via DuckDB I/O functions that bypasses RBAC table-level checks in github.com/basekick-labs/arc...

5.9AI score0.00029EPSS
Exploits0References3
Nuclei
Nuclei
added 2026/06/25 5:45 a.m.34 views

Grafana Post-Auth DuckDB - SQL Injection To File Read

The SQL Expressions experimental feature of Grafana allows for the evaluation of duckdb queries containing user input. These queries are insufficiently sanitized before being passed to duckdb, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or highe...

9.9CVSS6.6AI score0.97781EPSS
Exploits10References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 3:11 a.m.7 views

Malicious code in @mastra/duckdb (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e4754e9321d534c89f59052bd2ca5ce38c6d3916eba9a5e0990e0186c7beac14 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
OSV
OSV
added 2026/06/08 11:51 p.m.10 views

GHSA-P2J4-C4G6-RPF5 Arc has an authenticated arbitrary local-file read via DuckDB I/O functions that bypasses RBAC table-level checks

Summary Arc's user-SQL validator internal/api/query.go:ValidateSQLRequest blocked only readparquet and arcpartitionagg via regex denylist. The broader DuckDB I/O function family — readcsvauto, readcsv, readjson, readjsonauto, readtext, readblob, glob, parquetmetadata, parquetschema, readxlsx, etc...

7.1CVSS5.6AI score0.00029EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2026/06/08 11:51 p.m.14 views

Arc has an authenticated arbitrary local-file read via DuckDB I/O functions that bypasses RBAC table-level checks

Summary Arc's user-SQL validator internal/api/query.go:ValidateSQLRequest blocked only readparquet and arcpartitionagg via regex denylist. The broader DuckDB I/O function family — readcsvauto, readcsv, readjson, readjsonauto, readtext, readblob, glob, parquetmetadata, parquetschema, readxlsx, etc...

5.6AI score0.00029EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.19 views

PT-2026-47624

Name of the Vulnerable Software and Affected Versions Arc versions prior to 2026.06.1 Description An authenticated user can read arbitrary local files by bypassing the user-SQL validator and RBAC table-reference extraction. The validator in internal/api/query.go:ValidateSQLRequest used a regex...

7.1CVSS6AI score0.00029EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.15 views

PT-2026-47575

Summary Arc's user-SQL validator internal/api/query.go:ValidateSQLRequest blocked only read parquet and arc partition agg via regex denylist. The broader DuckDB I/O function family — read csv auto, read csv, read json, read json auto, read text, read blob, glob, parquet metadata, parquet schema,...

7.1CVSS5.6AI score
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:20 p.m.10 views

CVE-2026-41490

Dagster is an orchestration platform for the development, production, and observation of data assets. Prior to Dagster Core version 1.13.1 and prior to Dagster libraries version 0.29.1, the DuckDB, Snowflake, BigQuery, and DeltaLake I/O managers constructed SQL WHERE clauses by interpolating...

8.3CVSS5.8AI score0.00265EPSS
Exploits1References1
NVD
NVD
added 2026/05/07 2:16 p.m.94 views

CVE-2026-41490

Dagster is an orchestration platform for the development, production, and observation of data assets. Prior to Dagster Core version 1.13.1 and prior to Dagster libraries version 0.29.1, the DuckDB, Snowflake, BigQuery, and DeltaLake I/O managers constructed SQL WHERE clauses by interpolating...

8.3CVSS0.00265EPSS
Exploits1References2
EUVD
EUVD
added 2026/05/07 1:15 p.m.43 views

EUVD-2026-28368

Dagster is an orchestration platform for the development, production, and observation of data assets. Prior to Dagster Core version 1.13.1 and prior to Dagster libraries version 0.29.1, the DuckDB, Snowflake, BigQuery, and DeltaLake I/O managers constructed SQL WHERE clauses by interpolating...

8.3CVSS6AI score0.00265EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/05/07 1:15 p.m.7 views

CVE-2026-41490 Dagster Vulnerable to SQL Injection via Dynamic Partition Keys in Database I/O Manager Integrations

Dagster is an orchestration platform for the development, production, and observation of data assets. Prior to Dagster Core version 1.13.1 and prior to Dagster libraries version 0.29.1, the DuckDB, Snowflake, BigQuery, and DeltaLake I/O managers constructed SQL WHERE clauses by interpolating...

8.3CVSS6AI score0.00265EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/05/07 12:0 a.m.9 views

Dagster SQL注入漏洞

Dagster is an open-source orchestration platform developed by Dagster for developing, producing, and monitoring data assets. Versions of Dagster prior to 1.13.1 and Dagster libraries prior to 0.29.1 have a SQL injection vulnerability. This vulnerability arises from the fact that DuckDB, Snowflake...

8.3CVSS5.9AI score0.00265EPSS
Exploits1References1
Snyk
Snyk
added 2026/04/18 1:7 a.m.4 views

SQL Injection

Overview dagster-duckdb is a Package for DuckDB-specific Dagster framework op and resource components. Affected versions of this package are vulnerable to SQL Injection via the construction of SQL WHERE clauses in database I/O manager integrations. An attacker can execute arbitrary SQL commands b...

8.7CVSS6.1AI score0.00265EPSS
Exploits1References2
vulnersOsv
vulnersOsv
added 2026/04/18 1:7 a.m.8 views

dagster-duckdb-pandas (>=0.17.3 <=0.29.0), dagster-duckdb-polars (>=0.17.21 <=0.29.0) +6 more potentially affected by CVE-2026-41490 via dagster-duckdb (>=0.17.21 <=0.29.0)

dagster-duckdb PYPI version =0.17.21, =0.17.3, =0.17.21, =0.17.3, =0.1.1, =0.1.0, =0.1.0, =0.1.1 - lung-sarg =1.0.0 Source cves: CVE-2026-41490 Source advisory: SNYK:PYTHON-DAGSTERDUCKDB-16109580...

8.3CVSS5.8AI score0.00265EPSS
Exploits1
OSV
OSV
added 2026/04/18 1:7 a.m.26 views

GHSA-MJW2-V2HM-WJ34 Dagster Vulnerable to SQL Injection via Dynamic Partition Keys in Database I/O Manager Integrations

Summary The DuckDB, Snowflake, BigQuery, and DeltaLake I/O managers constructed SQL WHERE clauses by interpolating dynamic partition key values into queries without escaping. A user with the Add Dynamic Partitions permission could create a partition key that injects arbitrary SQL, which would...

8.3CVSS6AI score0.00265EPSS
Exploits1References5
vulnersOsv
vulnersOsv
added 2026/04/18 1:7 a.m.6 views

dagster-duckdb-pandas (>=0.16.13 <=0.29.0), dagster-duckdb-polars (>=0.17.21 <=0.29.0) +6 more potentially affected by CVE-2026-41490 via dagster-duckdb (>=0.16.13 <=0.29.0)

dagster-duckdb PYPI version =0.16.13, =0.16.13, =0.17.21, =0.16.13, =0.1.1, =0.1.0, =0.1.0, =0.1.1 - lung-sarg =1.0.0 Source cves: CVE-2026-41490 Source advisory: OSV:GHSA-MJW2-V2HM-WJ34...

8.3CVSS5.4AI score0.00265EPSS
Exploits1
Github Security Blog
Github Security Blog
added 2026/04/18 1:7 a.m.29 views

Dagster Vulnerable to SQL Injection via Dynamic Partition Keys in Database I/O Manager Integrations

Summary The DuckDB, Snowflake, BigQuery, and DeltaLake I/O managers constructed SQL WHERE clauses by interpolating dynamic partition key values into queries without escaping. A user with the Add Dynamic Partitions permission could create a partition key that injects arbitrary SQL, which would...

8.3CVSS6AI score0.00265EPSS
Exploits1References5Affected Software6
Positive Technologies
Positive Technologies
added 2026/04/18 12:0 a.m.28 views

PT-2026-37118

Name of the Vulnerable Software and Affected Versions Dagster Core versions prior to 1.13.1 Dagster libraries versions prior to 0.29.1 Description DuckDB, Snowflake, BigQuery, and DeltaLake I/O managers construct SQL WHERE clauses by interpolating dynamic partition key values into queries without...

8.3CVSS6AI score0.00265EPSS
Exploits1References6
GithubExploit
GithubExploit
added 2026/04/15 7:5 a.m.148 views

Exploit for SQL Injection in Dbgpt Db-Gpt

CVE-2025-51458-exp Pre-Auth SQL Injection in DB-GPThttps:/...

6.5CVSS6AI score0.00325EPSS
Exploits2
Rows per page
Query Builder