Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2026/03/29 5:3 p.m.5 views

CVE-2026-4997

A security flaw has been discovered in Sinaptik AI PandasAI up to 3.0.0. This affects the function issqlquerysafe of the file pandasai/helpers/sqlsanitizer.py. Performing a manipulation results in path traversal. The attack may be initiated remotely. The exploit has been released to the public an...

6.9CVSS5.5AI score0.0055EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/28 3:32 p.m.2 views

EUVD-2026-16925

A weakness has been identified in Sinaptik AI PandasAI up to 3.0.0. This vulnerability affects the function CodeExecutor.execute of the file pandasai/core/codeexecution/codeexecutor.py of the component Chat Message Handler. Executing a manipulation can lead to code injection. The attack may be...

7.5CVSS5.6AI score0.00532EPSS
Exploits0References5
NVD
NVD
added 2026/03/28 1:16 p.m.8 views

CVE-2026-4997

A security flaw has been discovered in Sinaptik AI PandasAI up to 3.0.0. This affects the function issqlquerysafe of the file pandasai/helpers/sqlsanitizer.py. Performing a manipulation results in path traversal. The attack may be initiated remotely. The exploit has been released to the public an...

6.9CVSS0.0055EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/28 1:15 p.m.34 views

CVE-2026-4998 Sinaptik AI PandasAI Chat Message code_executor.py CodeExecutor.execute code injection

A weakness has been identified in Sinaptik AI PandasAI up to 3.0.0. This vulnerability affects the function CodeExecutor.execute of the file pandasai/core/codeexecution/codeexecutor.py of the component Chat Message Handler. Executing a manipulation can lead to code injection. The attack may be...

7.5CVSS0.00532EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/28 12:30 p.m.2 views

EUVD-2026-16921

A vulnerability was identified in Sinaptik AI PandasAI up to 0.1.4. Affected by this issue is the function deletequestionandanswers/deletedocs/updatequestionanswer/updatedocs/getrelevantquestionanswersbyid/getrelevantdocsbyid of the file extensions/ee/vectorstores/lancedb/pandasailancedb/lancedb....

7.5CVSS5.7AI score0.00259EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/28 12:23 p.m.3 views

CVE-2026-4997

A security flaw has been discovered in Sinaptik AI PandasAI up to 3.0.0. This affects the function issqlquerysafe of the file pandasai/helpers/sqlsanitizer.py. Performing a manipulation results in path traversal. The attack may be initiated remotely. The exploit has been released to the public an...

6.9CVSS5.5AI score0.0055EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/03/28 12:23 p.m.32 views

CVE-2026-4997 Sinaptik AI PandasAI sql_sanitizer.py is_sql_query_safe path traversal

A security flaw has been discovered in Sinaptik AI PandasAI up to 3.0.0. This affects the function issqlquerysafe of the file pandasai/helpers/sqlsanitizer.py. Performing a manipulation results in path traversal. The attack may be initiated remotely. The exploit has been released to the public an...

6.9CVSS0.0055EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/28 12:0 a.m.4 views

PT-2026-28715

Name of the Vulnerable Software and Affected Versions Sinaptik AI PandasAI versions up to 3.0.0 Description A security flaw exists in Sinaptik AI PandasAI up to version 3.0.0. The issue resides within the is sql query safe function located in the pandasai/helpers/sql sanitizer.py file, allowing f...

6.9CVSS5.7AI score0.0055EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/03/28 12:0 a.m.6 views

PT-2026-28714

Name of the Vulnerable Software and Affected Versions Sinaptik AI PandasAI versions up to 0.1.4 Description A SQL injection issue exists in the pandasai-lancedb Extension within Sinaptik AI PandasAI. The issue is located in the file extensions/ee/vectorstores/lancedb/pandasai lancedb/lancedb.py a...

7.5CVSS5.7AI score0.00259EPSS
Exploits0References6
Rows per page
Query Builder