CVE-2026-4593 in eruptinfo

Summary

by MITRE • 03/23/2026

A flaw has been found in erupts erupt up to 1.13.3. Affected by this vulnerability is the function EruptDataQuery of the file erupt-ai/src/main/java/xyz/erupt/ai/call/impl/EruptDataQuery.java of the component MCP Tool Interface. This manipulation leads to SQL injection through Hibernate. The attack can be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.


Analysis

by VulDB Data Team • 03/28/2026

The vulnerability identified as CVE-2026-4593 is a critical SQL injection flaw in erupt up to 1.13.3, specifically in the EruptDataQuery function of the MCP Tool Interface component. The affected code is in erupt-ai/src/main/java/xyz/erupt/ai/call/impl/EruptDataQuery.java. The flaw stems from insufficient input validation: user-supplied data is incorporated into SQL queries without adequate sanitization, so an attacker can execute arbitrary SQL commands against the backing database.

Technically, the vulnerability stems from the function's use of the Hibernate framework for database operations without parameterized queries or input sanitization. When user data reaches EruptDataQuery, the input parameters are neither escaped nor validated, so SQL payloads can be injected directly into the executed query. This weakness corresponds to CWE-89, which covers SQL injection: untrusted data incorporated into SQL commands without proper validation or escaping. The flaw is remotely exploitable, meaning it can be triggered from an external network position without local system access or authentication.

The operational impact goes beyond data theft: successful exploitation could compromise the database entirely, including unauthorized modification, deletion, or exfiltration of data. An attacker could potentially escalate privileges within the affected system, read sensitive information held in the database, or establish persistent access through the compromised database interface. The publication of a working exploit raises the risk profile significantly, since advanced technical skill is no longer required to carry out the attack. Organizations running the MCP Tool Interface component are the ones exposed, potentially putting business data and operational systems at risk of unauthorized access.

Mitigation should prioritize deploying a patch as soon as one is available, though the vendor's lack of response to the early disclosure makes this difficult for affected organizations. In the meantime, network segmentation and firewall rules should restrict access to the affected component, and input validation should be strengthened to prevent SQL injection. Database access controls should be reviewed and hardened to limit the blast radius of a successful exploit, and monitoring should be tuned to detect anomalous SQL query patterns. Web application firewalls and SQL injection detection systems are additional protective measures worth considering. The classification under ATT&CK technique T1190 places this flaw in the broader category of exploitation of externally exposed interfaces, so comprehensive network security measures are essential against this threat vector.
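As an added illustration of the mechanism described above and of the parameterization fix the mitigations call for, a hypothetical Hibernate data-query helper with the vulnerable string-building form beside a hardened version. This is not code from the erupt project (the page does not show the affected source); the class, method names and the allow-list of queryable fields are assumptions.

```java
import java.util.List;
import java.util.Set;
import java.util.regex.Pattern;
import org.hibernate.Session;
import org.hibernate.query.Query;

/** Hypothetical data-query tool; illustrative only, not erupt's EruptDataQuery. */
public final class SafeDataQuery {

    // Vulnerable pattern (CWE-89): tool arguments are spliced into the HQL string.
    // A single quote inside `value` closes the literal, and whatever follows is
    // parsed as part of the query, so the caller controls the query's meaning.
    static <T> List<T> unsafeFind(Session session, Class<T> entity, String field, String value) {
        String hql = "from " + entity.getSimpleName()        // assumes the default entity name
                   + " e where e." + field + " = '" + value + "'";
        return session.createQuery(hql, entity).getResultList();
    }

    // Identifiers (column/field names) cannot be bound as parameters, so they are
    // restricted to a simple token shape and to an explicit allow-list.
    private static final Pattern IDENTIFIER = Pattern.compile("[A-Za-z_][A-Za-z0-9_]*");

    // Hardened version: the value is a bind parameter, the field name is allow-listed,
    // and the result size is capped so one tool call cannot dump the table.
    static <T> List<T> safeFind(Session session, Class<T> entity, Set<String> allowedFields,
                                String field, String value) {
        if (!IDENTIFIER.matcher(field).matches() || !allowedFields.contains(field)) {
            throw new IllegalArgumentException("field not permitted: " + field);
        }
        String hql = "from " + entity.getSimpleName() + " e where e." + field + " = :value";
        Query<T> q = session.createQuery(hql, entity);
        q.setParameter("value", value);   // bound by the driver, never interpolated
        q.setMaxResults(1000);            // bound the result size a tool call can pull
        return q.getResultList();
    }
}
```

The same split applies to native SQL via createNativeQuery: bind every value with setParameter, and treat table and column names as identifiers that must come from a fixed allow-list rather than from the tool's caller.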

Responsible

VulDB

Disclosure

03/23/2026

Moderation

accepted

CPE

ready

Exploit

Download

EPSS

0.00039

KEV

no

Activities

very low

Sources
