17 matches found
CVE-2026-30273
pandas-ai v3.0.0 was discovered to contain a SQL injection vulnerability via the pandasai.agent.base._execute_sql_query component...
EUVD-2026-17959
pandas-ai v3.0.0 was discovered to contain a SQL injection vulnerability via the pandasai.agent.base._execute_sql_query component...
CVE-2026-30273
pandas-ai v3.0.0 was discovered to contain a SQL injection vulnerability via the pandasai.agent.base._execute_sql_query component...
CVE-2026-30273
CVE-2026-30273 affects pandas-ai v3.0.0 via the pandasai.agent.base._execute_sql_query component, introducing a SQL injection vulnerability. Root cause: improper handling of SQL query execution within the agent. Impact per CVSS: HIGH (7.3), with network attack vector, no user interaction required...
CVE-2026-30273
pandas-ai v3.0.0 was discovered to contain a SQL injection vulnerability via the pandasai.agent.base._execute_sql_query component...
PT-2026-29566
pandas-ai v3.0.0 was discovered to contain a SQL injection vulnerability via the pandasai.agent.base._execute_sql_query component...
EUVD-2023-2245
Malicious code in bioql PyPI...
CVE-2023-39661
An issue in pandas-ai v.0.9.1 and before allows a remote attacker to execute arbitrary code via the _is_jailbreak function...
Arbitrary Code Execution
pandasai is vulnerable to Arbitrary Code Execution. An attacker is able to exploit this vulnerability by sending a specially crafted request to the Pandas-AI server. This request would cause the server to execute arbitrary code with the privileges of the root user. The vulnerability exists in...
CVE-2023-39661
An issue in pandas-ai v.0.9.1 and before allows a remote attacker to execute arbitrary code via the _is_jailbreak function...
CVE-2023-39661
An issue in pandas-ai v.0.9.1 and before allows a remote attacker to execute arbitrary code via the _is_jailbreak function...
CVE-2023-39661
An issue in pandas-ai v.0.9.1 and before allows a remote attacker to execute arbitrary code via the _is_jailbreak function...
Design/Logic Flaw
An issue in pandas-ai v.0.9.1 and before allows a remote attacker to execute arbitrary code via the _is_jailbreak function...
CVE-2023-39661
An issue in pandas-ai v.0.9.1 and before allows a remote attacker to execute arbitrary code via the _is_jailbreak function...
CVE-2023-39661
An issue in pandas-ai v.0.9.1 and before allows a remote attacker to execute arbitrary code via the _is_jailbreak function...
PT-2023-27060
Name of the Vulnerable Software and Affected Versions: pandas-ai versions 0.9.1 and earlier; pandas-ai versions 0.8.1 and earlier. Description: An issue in pandas-ai allows a remote attacker to execute arbitrary code via the _is_jailbreak function. This enables the attacker to perform malicious action...
CVE-2023-39661
The issue affects pandas-ai up to version 0.9.1 (and earlier), where a vulnerability in the _is_jailbreak function can allow a remote attacker to execute arbitrary code. The root cause is exposure of the jailbreak-check logic that determines environment restrictions, enabling code execution with ...