| Titre | Vanna AI Vanna 2.0.2 Direct SQL Injection via Legacy Flask API in Vanna |
|---|
| Description | Vanna <= 2.0.2 contains a direct SQL injection vulnerability in its legacy Flask API. The `/api/v0/update_sql` endpoint allows an unauthenticated attacker to store arbitrary SQL statements in the server-side cache, and the `/api/v0/run_sql` endpoint retrieves and executes them directly against the connected database without any validation or parameterization. Combined with the default `NoAuth()` authentication (which requires no credentials), this creates a complete unauthenticated remote SQL injection chain that does not depend on LLM behavior. |
|---|
| La source | ⚠️ https://github.com/yidaozhongqing/York/issues/1 |
|---|
| Utilisateur | York Shen (UID 97025) |
|---|
| Soumission | 02/04/2026 09:30 (il y a 25 jours) |
|---|
| Modérer | 24/04/2026 20:47 (22 days later) |
|---|
| Statut | Dupliqué |
|---|
| Entrée VulDB | 351153 [vanna-ai vanna jusqu’à 2.0.2 Endpoint __init__.py update_sql injection SQL] |
|---|
| Points | 0 |
|---|