5 matches found
CVE-2026-42463
SQLBot (an LLM/RAG-based Text-to-SQL system) contains a Cross-Workspace IDOR and Authorization Bypass vulnerability prior to version 1.8.0 in the /api/v1/datasource/exportDsSchema and /api/v1/datasource/uploadDsSchema endpoints. An attacker could access and modify database schemas and data source...
CVE-2025-69285
SQLBot prior to v1.5.0 is affected by an authentication bypass in the /api/v1/datasource/uploadExcel endpoint. The endpoint is whitelisted, allowing remote unauthenticated uploads of Excel/CSV files, which are parsed and inserted into PostgreSQL via to_sql() with if_exists='replace'. This enables...
CVE-2026-32622
SQLBot (versions ≤ 1.5.x) exposes a Stored Prompt Injection vulnerability consisting of three chained flaws: (1) missing permission check on the Excel upload API allowing any authenticated user to upload malicious terminology, (2) unsanitized storage of terminology descriptions containing dangero...
CVE-2026-32949
SQLBot is vulnerable prior to version 1.7.0 to an SSRF leading to arbitrary local-file reads. An attacker can abuse /api/v1/datasource/check by supplying a forged MySQL data source with extraJdbc="local_infile=1". During connectivity verification, a rogue MySQL server issues a malicious LOAD DATA...
CVE-2026-32950
CVE-2026-32950 affects SQLBot prior to 1.7.0, where an authenticated user can trigger a critical SQL Injection in the /api/v1/datasource/uploadExcel endpoint. The root cause is unsanitized Excel sheet names concatenated into PostgreSQL table names and embedded into COPY statements via f-strings i...