
17 matches found

RedhatCVE
added 2026/04/02 5:4 a.m. | 6 views

CVE-2026-30273

pandas-ai v3.0.0 was discovered to contain a SQL injection vulnerability via the pandasai.agent.base._execute_sql_query component...

CVSS 7.3 | AI score 6 | EPSS 0.00187
Exploits: 0 | References: 1
EUVD
added 2026/04/01 6:36 p.m. | 3 views

EUVD-2026-17959

pandas-ai v3.0.0 was discovered to contain a SQL injection vulnerability via the pandasai.agent.base._execute_sql_query component...

CVSS 7.3 | AI score 6 | EPSS 0.00187
Exploits: 0 | References: 3
Vulnrichment
added 2026/04/01 12:0 a.m. | 5 views

CVE-2026-30273

pandas-ai v3.0.0 was discovered to contain a SQL injection vulnerability via the pandasai.agent.base._execute_sql_query component...

AI score 6 | EPSS 0.00187
Exploits: 0 | References: 2
CVE
added 2026/04/01 12:0 a.m. | 11 views

CVE-2026-30273

CVE-2026-30273 affects pandas-ai v3.0.0 via the pandasai.agent.base._execute_sql_query component, introducing a SQL injection vulnerability. Root cause: improper handling of SQL query execution within the agent. Impact per CVSS: HIGH (7.3), with network attack vector, no user interaction required...

CVSS 7.3 | AI score 6 | EPSS 0.00187
Exploits: 0 | References: 2 | Affected Software: 1
Cvelist
added 2026/04/01 12:0 a.m. | 18 views

CVE-2026-30273

pandas-ai v3.0.0 was discovered to contain a SQL injection vulnerability via the pandasai.agent.base._execute_sql_query component...

EPSS 0.00187
Exploits: 0 | References: 2
Positive Technologies
added 2026/04/01 12:0 a.m. | 11 views

PT-2026-29566

pandas-ai v3.0.0 was discovered to contain a SQL injection vulnerability via the pandasai.agent.base._execute_sql_query component...

CVSS 7.3 | AI score 6 | EPSS 0.00187
Exploits: 0 | References: 3
EUVD
added 2025/10/03 8:7 p.m. | 7 views

EUVD-2023-2245

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 9.2 | EPSS 0.0117
Exploits: 1 | References: 3
RedhatCVE
added 2025/05/23 4:11 a.m. | 6 views

CVE-2023-39661

An issue in pandas-ai v.0.9.1 and before allows a remote attacker to execute arbitrary code via the _is_jailbreak function...

CVSS 9.8 | AI score 7.8 | EPSS 0.0117
Exploits: 1
Veracode
added 2023/08/17 4:1 a.m. | 24 views

Arbitrary Code Execution

pandasai is vulnerable to Arbitrary Code Execution. An attacker is able to exploit this vulnerability by sending a specially crafted request to the Pandas-AI server. This request would cause the server to execute arbitrary code with the privileges of the root user. The vulnerability exists in...

CVSS 9.8 | AI score 7.8 | EPSS 0.0117
Exploits: 1 | References: 3 | Affected Software: 1
OSV
added 2023/08/15 5:15 p.m. | 5 views

CVE-2023-39661

An issue in pandas-ai v.0.9.1 and before allows a remote attacker to execute arbitrary code via the _is_jailbreak function...

CVSS 9.8 | AI score 6.1 | EPSS 0.0117
Exploits: 1 | References: 1
ATTACKERKB
added 2023/08/15 5:15 p.m. | 3 views

CVE-2023-39661

An issue in pandas-ai v.0.9.1 and before allows a remote attacker to execute arbitrary code via the _is_jailbreak function...

CVSS 9.8 | AI score 6.2 | EPSS 0.0117
Exploits: 1 | References: 2
NVD
added 2023/08/15 5:15 p.m. | 18 views

CVE-2023-39661

An issue in pandas-ai v.0.9.1 and before allows a remote attacker to execute arbitrary code via the _is_jailbreak function...

CVSS 9.8 | AI score 9.7 | EPSS 0.0117
Exploits: 1 | References: 1
Prion
added 2023/08/15 5:15 p.m. | 23 views

Design/Logic Flaw

An issue in pandas-ai v.0.9.1 and before allows a remote attacker to execute arbitrary code via the _is_jailbreak function...

CVSS 7.5 | AI score 9.7 | EPSS 0.0117
Exploits: 1 | References: 1 | Affected Software: 1
Cvelist
added 2023/08/15 12:0 a.m. | 25 views

CVE-2023-39661

An issue in pandas-ai v.0.9.1 and before allows a remote attacker to execute arbitrary code via the _is_jailbreak function...

AI score 9.9 | EPSS 0.0117
Exploits: 1 | References: 1
Vulnrichment
added 2023/08/15 12:0 a.m. | 19 views

CVE-2023-39661

An issue in pandas-ai v.0.9.1 and before allows a remote attacker to execute arbitrary code via the _is_jailbreak function...

AI score 8.1 | EPSS 0.0117
Exploits: 1 | References: 1
Positive Technologies
added 2023/08/15 12:0 a.m. | 5 views

PT-2023-27060

Name of the Vulnerable Software and Affected Versions: pandas-ai versions 0.9.1 and earlier; pandas-ai versions 0.8.1 and earlier. Description: An issue in pandas-ai allows a remote attacker to execute arbitrary code via the _is_jailbreak function. This enables the attacker to perform malicious action...

CVSS 9.8 | AI score 7.7 | EPSS 0.0117
Exploits: 1 | References: 11
CVE
added 2023/08/15 12:0 a.m. | 72 views

CVE-2023-39661

The issue affects pandas-ai up to version 0.9.1 (and earlier), where a vulnerability in the _is_jailbreak function can allow a remote attacker to execute arbitrary code. The root cause is exposure of the jailbreak-check logic that determines environment restrictions, enabling code execution with ...

CVSS 9.8 | AI score 9.6 | EPSS 0.0117
Exploits: 1 | References: 1 | Affected Software: 1