Enviar #773899: Mindinventory MindSQL v0.2.1 SQL Injectioninformación

TítuloMindinventory MindSQL v0.2.1 SQL Injection
DescripciónThe vulnerability exists in the complete trust chain between user input, LLM output, and SQL execution. Malicious users can exploit this through prompt injection attacks, manipulating the LLM to generate arbitrary SQL statements that are then executed directly on the database server. The core issue stems from the system's implicit trust in LLM-generated SQL without any filtering or validation in the execution pipeline.
Fuente⚠️ https://github.com/Ka7arotto/cve/blob/main/mindsql-text2sql/issue.md
Usuario
 Goku (UID 80486)
Sumisión2026-03-06 12:37 (hace 3 meses)
Moderación2026-03-20 15:08 (14 days later)
EstadoAceptado
Entrada de VulDB352073 [Mindinventory MindSQL hasta 0.2.1 mindsql_core.py ask_db inyección SQL]
Puntos19

AnteriorVisión De ConjuntoPróximo

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!