Lucene search
+L
Fit2cloudSqlbot

5 matches found

CVE
CVE
added 2026/05/13 9:26 p.m.35 views

CVE-2026-42463

SQLBot (an LLM/RAG-based Text-to-SQL system) contains a Cross-Workspace IDOR and Authorization Bypass vulnerability prior to version 1.8.0 in the /api/v1/datasource/exportDsSchema and /api/v1/datasource/uploadDsSchema endpoints. An attacker could access and modify database schemas and data source...

8.6CVSS5.8AI score0.00249EPSS
CVE
CVE
added 2026/01/21 8:5 p.m.20 views

CVE-2025-69285

SQLBot prior to v1.5.0 is affected by an authentication bypass in the /api/v1/datasource/uploadExcel endpoint. The endpoint is whitelisted, allowing remote unauthenticated uploads of Excel/CSV files, which are parsed and inserted into PostgreSQL via to_sql() with if_exists='replace'. This enables...

8.7CVSS5.8AI score0.00394EPSS
Web
CVE
CVE
added 2026/03/19 8:55 p.m.17 views

CVE-2026-32622

SQLBot (versions ≤ 1.5.x) exposes a Stored Prompt Injection vulnerability consisting of three chained flaws: (1) missing permission check on the Excel upload API allowing any authenticated user to upload malicious terminology, (2) unsanitized storage of terminology descriptions containing dangero...

8.8CVSS6AI score0.00562EPSS
CVE
CVE
added 2026/03/20 4:8 a.m.17 views

CVE-2026-32949

SQLBot is vulnerable prior to version 1.7.0 to an SSRF leading to arbitrary local-file reads. An attacker can abuse /api/v1/datasource/check by supplying a forged MySQL data source with extraJdbc="local_infile=1". During connectivity verification, a rogue MySQL server issues a malicious LOAD DATA...

8.7CVSS5.9AI score0.00427EPSS
Web
CVE
CVE
added 2026/03/20 4:14 a.m.16 views

CVE-2026-32950

CVE-2026-32950 affects SQLBot prior to 1.7.0, where an authenticated user can trigger a critical SQL Injection in the /api/v1/datasource/uploadExcel endpoint. The root cause is unsanitized Excel sheet names concatenated into PostgreSQL table names and embedded into COPY statements via f-strings i...

8.8CVSS6.3AI score0.00878EPSS
Web