72 matches found

EUVD
added 2026/04/01 6:36 p.m. | 1 views

EUVD-2026-17959

pandas-ai v3.0.0 was discovered to contain a SQL injection vulnerability via the pandasai.agent.base.executesqlquery component...

7.3 CVSS | 6 AI score | 0.00038 EPSS
Exploits 0 | References 3
CNNVD
added 2026/04/01 12:0 a.m. | 1 views

PandasAI Security Vulnerability

PandasAI is an open-source Python library developed by PandasAI. It integrates artificial intelligence functions into pandas. Version 3.0.0 of PandasAI contains a security vulnerability, which stems from an SQL injection vulnerability in the pandasai.agent.base.executesqlquery component...

7.3 CVSS | 5.8 AI score | 0.00038 EPSS
Exploits 0 | References 2
RedhatCVE
added 2026/03/29 11:3 p.m. | 0 views

CVE-2026-4998

A weakness has been identified in Sinaptik AI PandasAI up to 3.0.0. This vulnerability affects the function CodeExecutor.execute of the file pandasai/core/code_execution/code_executor.py of the component Chat Message Handler. Executing a manipulation can lead to code injection. The attack may be...

7.5 CVSS | 5.6 AI score | 0.00035 EPSS
Exploits 0 | References 1
RedhatCVE
added 2026/03/29 5:3 p.m. | 0 views

CVE-2026-4996

A vulnerability was identified in Sinaptik AI PandasAI up to 0.1.4. Affected by this issue is the function deletequestionandanswers/deletedocs/updatequestionanswer/updatedocs/getrelevantquestionanswersbyid/getrelevantdocsbyid of the file extensions/ee/vectorstores/lancedb/pandasailancedb/lancedb....

7.5 CVSS | 5.7 AI score | 0.0004 EPSS
Exploits 0 | References 1
RedhatCVE
added 2026/03/29 5:3 p.m. | 2 views

CVE-2026-4997

A security flaw has been discovered in Sinaptik AI PandasAI up to 3.0.0. This affects the function is_sql_query_safe of the file pandasai/helpers/sql_sanitizer.py. Performing a manipulation results in path traversal. The attack may be initiated remotely. The exploit has been released to the public an...

6.9 CVSS | 5.5 AI score | 0.00081 EPSS
Exploits 0 | References 1
EUVD
added 2026/03/28 3:32 p.m. | 0 views

EUVD-2026-16925

A weakness has been identified in Sinaptik AI PandasAI up to 3.0.0. This vulnerability affects the function CodeExecutor.execute of the file pandasai/core/code_execution/code_executor.py of the component Chat Message Handler. Executing a manipulation can lead to code injection. The attack may be...

7.5 CVSS | 5.6 AI score | 0.00035 EPSS
Exploits 0 | References 5
NVD
added 2026/03/28 2:15 p.m. | 1 views

CVE-2026-4998

A weakness has been identified in Sinaptik AI PandasAI up to 3.0.0. This vulnerability affects the function CodeExecutor.execute of the file pandasai/core/code_execution/code_executor.py of the component Chat Message Handler. Executing a manipulation can lead to code injection. The attack may be...

7.5 CVSS | 0.00035 EPSS
Exploits 0 | References 4
NVD
added 2026/03/28 1:16 p.m. | 2 views

CVE-2026-4997

A security flaw has been discovered in Sinaptik AI PandasAI up to 3.0.0. This affects the function is_sql_query_safe of the file pandasai/helpers/sql_sanitizer.py. Performing a manipulation results in path traversal. The attack may be initiated remotely. The exploit has been released to the public an...

6.9 CVSS | 0.00081 EPSS
Exploits 0 | References 4
ATTACKERKB
added 2026/03/28 1:15 p.m. | 1 views

CVE-2026-4998

A weakness has been identified in Sinaptik AI PandasAI up to 3.0.0. This vulnerability affects the function CodeExecutor.execute of the file pandasai/core/code_execution/code_executor.py of the component Chat Message Handler. Executing a manipulation can lead to code injection. The attack may be...

7.5 CVSS | 5.6 AI score | 0.00035 EPSS
Exploits 0 | References 4 | Affected Software 1
Vulnrichment
added 2026/03/28 1:15 p.m. | 1 views

CVE-2026-4998 Sinaptik AI PandasAI Chat Message code_executor.py CodeExecutor.execute code injection

A weakness has been identified in Sinaptik AI PandasAI up to 3.0.0. This vulnerability affects the function CodeExecutor.execute of the file pandasai/core/code_execution/code_executor.py of the component Chat Message Handler. Executing a manipulation can lead to code injection. The attack may be...

7.5 CVSS | 5.6 AI score | 0.00035 EPSS
Exploits 0 | References 4
Cvelist
added 2026/03/28 1:15 p.m. | 31 views

CVE-2026-4998 Sinaptik AI PandasAI Chat Message code_executor.py CodeExecutor.execute code injection

A weakness has been identified in Sinaptik AI PandasAI up to 3.0.0. This vulnerability affects the function CodeExecutor.execute of the file pandasai/core/code_execution/code_executor.py of the component Chat Message Handler. Executing a manipulation can lead to code injection. The attack may be...

7.5 CVSS | 0.00035 EPSS
Exploits 0 | References 4
CVE
added 2026/03/28 1:15 p.m. | 5 views

CVE-2026-4998

CVE-2026-4998 affects Sinaptik AI PandasAI up to 3.0.0, specifically the CodeExecutor.execute function in pandasai/core/code_execution/code_executor.py within the Chat Message Handler. The description states that executing a manipulation can lead to code injection, with remote exploitation possib...

7.5 CVSS | 6.8 AI score | 0.00035 EPSS
Exploits 0 | References 4
EUVD
added 2026/03/28 12:30 p.m. | 1 views

EUVD-2026-16921

A vulnerability was identified in Sinaptik AI PandasAI up to 0.1.4. Affected by this issue is the function deletequestionandanswers/deletedocs/updatequestionanswer/updatedocs/getrelevantquestionanswersbyid/getrelevantdocsbyid of the file extensions/ee/vectorstores/lancedb/pandasailancedb/lancedb....

7.5 CVSS | 5.7 AI score | 0.0004 EPSS
Exploits 0 | References 5
Cvelist
added 2026/03/28 12:23 p.m. | 28 views

CVE-2026-4997 Sinaptik AI PandasAI sql_sanitizer.py is_sql_query_safe path traversal

A security flaw has been discovered in Sinaptik AI PandasAI up to 3.0.0. This affects the function is_sql_query_safe of the file pandasai/helpers/sql_sanitizer.py. Performing a manipulation results in path traversal. The attack may be initiated remotely. The exploit has been released to the public an...

6.9 CVSS | 0.00081 EPSS
Exploits 0 | References 4
ATTACKERKB
added 2026/03/28 12:23 p.m. | 1 views

CVE-2026-4997

A security flaw has been discovered in Sinaptik AI PandasAI up to 3.0.0. This affects the function is_sql_query_safe of the file pandasai/helpers/sql_sanitizer.py. Performing a manipulation results in path traversal. The attack may be initiated remotely. The exploit has been released to the public an...

6.9 CVSS | 5.5 AI score | 0.00081 EPSS
Exploits 0 | References 4 | Affected Software 1
Vulnrichment
added 2026/03/28 12:23 p.m. | 2 views

CVE-2026-4997 Sinaptik AI PandasAI sql_sanitizer.py is_sql_query_safe path traversal

A security flaw has been discovered in Sinaptik AI PandasAI up to 3.0.0. This affects the function is_sql_query_safe of the file pandasai/helpers/sql_sanitizer.py. Performing a manipulation results in path traversal. The attack may be initiated remotely. The exploit has been released to the public an...

6.9 CVSS | 5.5 AI score | 0.00081 EPSS
Exploits 0 | References 4
CVE
added 2026/03/28 12:23 p.m. | 4 views

CVE-2026-4997

CVE-2026-4997 affects Sinaptik AI PandasAI up to version 3.0.0. The issue resides in is_sql_query_safe within pandasai/helpers/sql_sanitizer.py, where input manipulation enables path traversal. Exploitation is remote and the exploit has been released publicly. The vendor was contacted early but d...

6.9 CVSS | 5.7 AI score | 0.00081 EPSS
Exploits 0 | References 4
Vulnrichment
added 2026/03/28 11:30 a.m. | 1 views

CVE-2026-4996 Sinaptik AI PandasAI pandasai-lancedb Extension lancedb.py get_relevant_docs_by_id sql injection

A vulnerability was identified in Sinaptik AI PandasAI up to 0.1.4. Affected by this issue is the function deletequestionandanswers/deletedocs/updatequestionanswer/updatedocs/getrelevantquestionanswersbyid/getrelevantdocsbyid of the file extensions/ee/vectorstores/lancedb/pandasailancedb/lancedb....

7.5 CVSS | 6.8 AI score | 0.0004 EPSS
Exploits 0 | References 4
Cvelist
added 2026/03/28 11:30 a.m. | 25 views

CVE-2026-4996 Sinaptik AI PandasAI pandasai-lancedb Extension lancedb.py get_relevant_docs_by_id sql injection

A vulnerability was identified in Sinaptik AI PandasAI up to 0.1.4. Affected by this issue is the function deletequestionandanswers/deletedocs/updatequestionanswer/updatedocs/getrelevantquestionanswersbyid/getrelevantdocsbyid of the file extensions/ee/vectorstores/lancedb/pandasailancedb/lancedb....

7.5 CVSS | 0.0004 EPSS
Exploits 0 | References 4
ATTACKERKB
added 2026/03/28 11:30 a.m. | 1 views

CVE-2026-4996

A vulnerability was identified in Sinaptik AI PandasAI up to 0.1.4. Affected by this issue is the function deletequestionandanswers/deletedocs/updatequestionanswer/updatedocs/getrelevantquestionanswersbyid/getrelevantdocsbyid of the file extensions/ee/vectorstores/lancedb/pandasailancedb/lancedb....

7.5 CVSS | 6.8 AI score | 0.0004 EPSS
Exploits 0 | References 4 | Affected Software 1