
19 matches found

EUVD
added 2026/04/25 10:15 a.m. · 8 views

EUVD-2026-25653

A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. The affected element is an unknown function of the component Legacy Flask API. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and ma...

CVSS 7.5 · AI score 6.9 · EPSS 0.00278
Exploits: 0 · References: 4

RedhatCVE
added 2026/04/03 5:8 a.m. · 8 views

CVE-2026-5320

A vulnerability was detected in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is an unknown functionality of the file /api/vanna/v2/ of the component Chat API Endpoint. Performing a manipulation results in missing authentication. The attack can be initiated remotely. The exploit is n...

CVSS 7.5 · AI score 6.8 · EPSS 0.00414
Exploits: 0 · References: 1

vulnersOsv
added 2026/04/02 6:15 a.m. · 2 views

cy-ai-trainer (>=0.0.1 <=0.0.2), llama-index-packs-vanna (>=0.0.1 <=0.3.0) +2 more potentially affected by CVE-2026-5320 via vanna (>=0.0.30 <=2.0.2)

vanna PYPI version =0.0.30, =0.0.1, =0.0.1, =1.0.0, =2.0.0 Source cves: CVE-2026-5320 Source advisory: SNYK:PYTHON-VANNA-15873865...

CVSS 7.5 · AI score 7.1 · EPSS 0.00414
Exploits: 0

vulnersOsv
added 2026/04/02 6:15 a.m. · 2 views

cy-ai-trainer (>=0.0.1 <=0.0.2), llama-index-packs-vanna (>=0.0.1 <=0.3.0) +2 more potentially affected by CVE-2026-5321 via vanna (>=0.0.30 <=2.0.2)

vanna PYPI version =0.0.30, =0.0.1, =0.0.1, =1.0.0, =2.0.0 Source cves: CVE-2026-5321 Source advisory: SNYK:PYTHON-VANNA-15873866...

CVSS 5.3 · AI score 5.4 · EPSS 0.00162
Exploits: 0

vulnersOsv
added 2026/03/21 12:34 p.m. · 2 views

cy-ai-trainer (>=0.0.1 <=0.0.2), llama-index-packs-vanna (>=0.0.1 <=0.3.0) +2 more potentially affected by CVE-2026-4513 via vanna (>=0.0.30 <=2.0.2)

vanna PYPI version =0.0.30, =0.0.1, =0.0.1, =1.0.0, =2.0.0 Source cves: CVE-2026-4513 Source advisory: SNYK:PYTHON-VANNA-15756488...

CVSS 6.5 · AI score 6.5 · EPSS 0.00196
Exploits: 0

vulnersOsv
added 2026/03/21 10:35 a.m. · 4 views

cy-ai-trainer (>=0.0.1 <=0.0.2), llama-index-packs-vanna (>=0.0.1 <=0.3.0) +2 more potentially affected by CVE-2026-4511 via vanna (>=0.0.30 <=2.0.2)

vanna PYPI version =0.0.30, =0.0.1, =0.0.1, =1.0.0, =2.0.0 Source cves: CVE-2026-4511 Source advisory: SNYK:PYTHON-VANNA-15756186...

CVSS 6.5 · AI score 6.5 · EPSS 0.00232
Exploits: 0

Cvelist
added 2026/03/21 8:32 a.m. · 33 views

CVE-2026-4511 vanna-ai vanna legacy exec injection

A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. Affected is the function exec of the file /src/vanna/legacy. Such manipulation leads to injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early...

CVSS 6.5 · EPSS 0.00232
Exploits: 0 · References: 4

Positive Technologies
added 2026/03/21 12:0 a.m. · 4 views

PT-2026-26886

A vulnerability was detected in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is the function ask of the file vannalegacybasebase.py. Performing a manipulation results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used. The...

CVSS 6.5 · AI score 5.6 · EPSS 0.00196
Exploits: 0 · References: 8

vulnersOsv
added 2026/03/16 10:48 a.m. · 2 views

cy-ai-trainer (>=0.0.1 <=0.0.2), llama-index-packs-vanna (>=0.0.1 <=0.3.0) +2 more potentially affected by CVE-2026-4229 via vanna (>=0.0.30 <=2.0.2)

vanna PYPI version =0.0.30, =0.0.1, =0.0.1, =1.0.0, =2.0.0 Source cves: CVE-2026-4229 Source advisory: SNYK:PYTHON-VANNA-15674521...

CVSS 7.5 · AI score 7.1 · EPSS 0.00254
Exploits: 0

vulnersOsv
added 2026/03/16 10:47 a.m. · 3 views

cy-ai-trainer (>=0.0.1 <=0.0.2), llama-index-packs-vanna (>=0.0.1 <=0.3.0) +2 more potentially affected by CVE-2026-4230 via vanna (>=0.0.30 <=2.0.2)

vanna PYPI version =0.0.30, =0.0.1, =0.0.1, =1.0.0, =2.0.0 Source cves: CVE-2026-4230 Source advisory: SNYK:PYTHON-VANNA-15674519...

CVSS 6.5 · AI score 6.5 · EPSS 0.00192
Exploits: 0

CNNVD
added 2026/03/16 12:0 a.m. · 4 views

Vanna SQL Injection Vulnerability

Vanna is a personalized AI SQL proxy from Vanna Corporation. Versions of Vanna 2.0.2 and earlier had a SQL injection vulnerability. This vulnerability stemmed from improper handling of the updatesql function in the src/vanna/legacy/flask/init.py file of the component endpoint, which could lead to...

CVSS 6.5 · AI score 6.6 · EPSS 0.00192
Exploits: 0 · References: 4

RedhatCVE
added 2025/03/22 11:17 a.m. · 5 views

CVE-2024-8055

Vanna v0.6.3 is vulnerable to SQL injection via Snowflake database in its file staging operations using the PUT and COPY commands. This vulnerability allows unauthenticated remote users to read arbitrary local files on the victim server, such as /etc/passwd, by exploiting the exposed SQL queries...

CVSS 7.5 · AI score 7.8 · EPSS 0.00617
Exploits: 0 · References: 1

vulnersOsv
added 2025/03/20 10:49 a.m. · 3 views

cy-ai-trainer (>=0.0.1 <=0.0.2), llama-index-packs-vanna (>=0.0.1 <=0.3.0) +2 more potentially affected by CVE-2024-6841 via vanna (>=0.0.30 <=2.0.2)

vanna PYPI version =0.0.30, =0.0.1, =0.0.1, =1.0.0, =2.0.0 Source cves: CVE-2024-6841 Source advisory: SNYK:PYTHON-VANNA-9680143...

CVSS 6.5 · AI score 6.6 · EPSS 0.00232
Exploits: 0

vulnersOsv
added 2025/03/20 10:48 a.m. · 5 views

cy-ai-trainer (>=0.0.1 <=0.0.2), llama-index-packs-vanna (>=0.0.1 <=0.3.0) +2 more potentially affected by CVE-2024-8055 via vanna (>=0.0.30 <=2.0.2)

vanna PYPI version =0.0.30, =0.0.1, =0.0.1, =1.0.0, =2.0.0 Source cves: CVE-2024-8055 Source advisory: SNYK:PYTHON-VANNA-9667555...

CVSS 7.5 · AI score 7.2 · EPSS 0.00617
Exploits: 0

Snyk
added 2025/03/20 10:48 a.m. · 1 views

SQL Injection

Overview: vanna is a Generate SQL queries from natural language. Affected versions of this package are vulnerable to SQL Injection by injecting a series of PUT and COPY statements as raw SQL using the "Manually Fix" feature in the Snowflake database integration. The runsqlsnowflake function will...

CVSS 8.7 · AI score 7.6 · EPSS 0.00617
Exploits: 0 · References: 3

CNNVD
added 2025/03/20 12:0 a.m. · 1 views

Vanna Information Disclosure Vulnerability

Vanna is a personalized AI SQL agent from Vanna Inc. An information disclosure vulnerability exists in Vanna version v0.6.3, which stems from an SQL injection via the Snowflake database during file staging operations using the PUT and COPY commands, allowing an unauthenticated remote user to read...

CVSS 7.5 · AI score 7.7 · EPSS 0.00617
Exploits: 0 · References: 1

CNNVD
added 2024/07/05 12:0 a.m. · 4 views

Vanna Information Disclosure Vulnerability

Vanna is a personalized AI SQL agent from Vanna. An information disclosure vulnerability exists in v0.3.4 of vanna, which stems from the vulnerability of certain file-related functions to SQL injection attacks. An unauthenticated, remote attacker exploiting this vulnerability could read arbitrary...

CVSS 7.5 · AI score 7.1 · EPSS 0.00604
Exploits: 0 · References: 2

vulnersOsv
added 2024/05/31 3:30 p.m. · 6 views

cy-ai-trainer (>=0.0.1 <=0.0.2), llama-index-packs-vanna (>=0.0.1 <=0.1.4) potentially affected by CVE-2024-5565 via vanna (>=0.0.30 <=0.0.36)

vanna PYPI version =0.0.30, =0.0.1, =0.0.1, =0.1.4 Source cves: CVE-2024-5565 Source advisory: OSV:GHSA-7735-W2JP-GVG6...

CVSS 8.1 · AI score 7.4 · EPSS 0.14956
Exploits: 0

Positive Technologies
added 2024/04/16 12:0 a.m. · 4 views

PT-2024-5388 · Duckdb +2

Name of the Vulnerable Software and Affected Versions: Vanna version 0.3.4. Description: The issue is related to the Vanna framework's web interface, specifically with its integration of DuckDB and Flask Web APIs. It allows for SQL injection, enabling attackers to inject malicious SQL training dat...

CVSS 9.8 · AI score 8.6 · EPSS 0.03452
Exploits: 0 · References: 5