CVE-2026-47385

CVE-2026-47385 (NocoDB) : An authenticated user with base-create permission can attach a SQLite source that points to an arbitrary file on the host, bypassing location restrictions in the SQLite client and base-create services. This can target internal databases (e.g., noco.db or tenant databases...

CVE-2026-47385

NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, an authenticated user with base-create permission can attach a SQLite source pointing at an arbitrary file on the NocoDB host, including NocoDB's own internal databases. The SQLite client and the base/integration creat...

Astra Linux – Vulnerability in SQLite3

SQLite 3.30.1 improperly handles pExpr-y.pTab, as demonstrated by the TKCOLUMN case in sqlite3ExprCodeTarget in expr.c...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nfsd: returns -EINVAL when namelen is 0 When we have a corrupted main.sqlite file in /var/lib/nfs/nfsdcld/, it may result in namelen being 0, which will cause memdupuser to return ZEROSIZEPTR. When we access the name.data that ha...

CVE-2026-11824 affecting package sqlite for versions less than 3.44.0-4

CVE-2026-11824 affecting package sqlite for versions less than 3.44.0-4. A patched version of the package is available...

CVE-2026-11822 affecting package sqlite for versions less than 3.44.0-4

CVE-2026-11822 affecting package sqlite for versions less than 3.44.0-4. A patched version of the package is available...

BIT-SQLITE-2026-11824 SQLite before 3.53.2 Heap Buffer Overflow via FTS5 fts5ChunkIterate

SQLite before 3.53.2 contains a heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers to cause a crash or execute arbitrary code by supplying a crafted database with malicious continuation page metadata specifying a szLeaf value smaller than 4...

BIT-SQLITE-2026-11822 SQLite before 3.53.2 Memory Corruption in FTS5 Extension

SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution by supplying a crafted database with malformed FTS5 page data. Attackers can trigger an out-of-bound...

SUSE CVE-2026-11822

SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution by supplying a crafted database with malformed FTS5 page data. Attackers can trigger an out-of-bound...

SUSE CVE-2026-11824

SQLite before 3.53.2 contains a heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers to cause a crash or execute arbitrary code by supplying a crafted database with malicious continuation page metadata specifying a szLeaf value smaller than 4...

EulerOS Virtualization 2.13.1 : sqlite (EulerOS-SA-2026-2389)

According to the versions of the sqlite packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows...

Linux Distros Unpatched Vulnerability : CVE-2026-11824

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQLite before 3.53.2 contains a heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers to cause a crash or execut...

Linux Distros Unpatched Vulnerability : CVE-2026-11822

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory...

EulerOS Virtualization 2.13.0 : sqlite (EulerOS-SA-2026-2418)

According to the versions of the sqlite packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows...

SQLite before 3.53.2 Memory Corruption in FTS5 Extension

...

SQLite before 3.53.2 Heap Buffer Overflow via FTS5 fts5ChunkIterate

...

EulerOS 2.0 SP13 : sqlite (EulerOS-SA-2026-2357)

According to the versions of the sqlite packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain...

EulerOS 2.0 SP13 : sqlite (EulerOS-SA-2026-2314)

According to the versions of the sqlite packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain...

DEBIAN-CVE-2026-11822

SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution by supplying a crafted database with malformed FTS5 page data. Attackers can trigger an out-of-bound...

CVE-2026-11822

SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution by supplying a crafted database with malformed FTS5 page data. Attackers can trigger an out-of-bound...