Search

Find a vulnerability

Search criteria

    16 vulnerabilities found for vanna by vanna-ai

    CVE-2026-6977 (GCVE-0-2026-6977)

    Vulnerability from nvd – Published: 2026-04-25 10:15 – Updated: 2026-04-27 13:34
    VLAI
    Title
    vanna-ai vanna Legacy Flask API improper authorization
    Summary
    A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. The affected element is an unknown function of the component Legacy Flask API. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-285 - Improper Authorization
    • CWE-266 - Incorrect Privilege Assignment
    Assigner
    References
    URL Tags
    https://vuldb.com/vuln/359520 vdb-entry
    https://vuldb.com/vuln/359520/cti signaturepermissions-required
    https://vuldb.com/submit/795331 third-party-advisory
    https://github.com/yidaozhongqing/York/issues/2 exploitissue-tracking
    Impacted products
    Vendor Product Version
    vanna-ai vanna Affected: 2.0.0
    Affected: 2.0.1
    Affected: 2.0.2
    Create a notification for this product.
    Credits
    York Shen (VulDB User) VulDB CNA Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-6977",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-27T13:12:51.936173Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-27T13:34:28.591Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "Legacy Flask API"
              ],
              "product": "vanna",
              "vendor": "vanna-ai",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.0"
                },
                {
                  "status": "affected",
                  "version": "2.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.0.2"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "York Shen (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. The affected element is an unknown function of the component Legacy Flask API. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 7.5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "Improper Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-266",
                  "description": "Incorrect Privilege Assignment",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-25T10:15:14.127Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-359520 | vanna-ai vanna Legacy Flask API improper authorization",
              "tags": [
                "vdb-entry"
              ],
              "url": "https://vuldb.com/vuln/359520"
            },
            {
              "name": "VDB-359520 | CTI Indicators (IOB, IOC, TTP)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/359520/cti"
            },
            {
              "name": "Submit #795331 | vanna-ai vanna 2.0.2 Unauthorized access to all API endpoints",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/795331"
            },
            {
              "tags": [
                "exploit",
                "issue-tracking"
              ],
              "url": "https://github.com/yidaozhongqing/York/issues/2"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-04-24T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-04-24T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-04-24T20:55:16.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "vanna-ai vanna Legacy Flask API improper authorization"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-6977",
        "datePublished": "2026-04-25T10:15:14.127Z",
        "dateReserved": "2026-04-24T18:50:10.544Z",
        "dateUpdated": "2026-04-27T13:34:28.591Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5321 (GCVE-0-2026-5321)

    Vulnerability from nvd – Published: 2026-04-02 04:45 – Updated: 2026-04-02 18:30
    VLAI
    Title
    vanna-ai vanna FastAPI/Flask Server cross-domain policy
    Summary
    A flaw has been found in vanna-ai vanna up to 2.0.2. Affected by this issue is some unknown functionality of the component FastAPI/Flask Server. Executing a manipulation can lead to permissive cross-domain policy with untrusted domains. The attack can be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-942 - Permissive Cross-domain Policy with Untrusted Domains
    • CWE-346 - Origin Validation Error
    Assigner
    References
    URL Tags
    https://vuldb.com/vuln/354653 vdb-entry
    https://vuldb.com/vuln/354653/cti signaturepermissions-required
    https://vuldb.com/submit/780729 third-party-advisory
    https://github.com/August829/CVEP/issues/14 exploitissue-tracking
    Impacted products
    Vendor Product Version
    vanna-ai vanna Affected: 2.0.0
    Affected: 2.0.1
    Affected: 2.0.2
    Create a notification for this product.
    Credits
    Yu_Bao (VulDB User) VulDB
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5321",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-02T18:29:53.542419Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-02T18:30:05.222Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "FastAPI/Flask Server"
              ],
              "product": "vanna",
              "vendor": "vanna-ai",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.0"
                },
                {
                  "status": "affected",
                  "version": "2.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.0.2"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Yu_Bao (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw has been found in vanna-ai vanna up to 2.0.2. Affected by this issue is some unknown functionality of the component FastAPI/Flask Server. Executing a manipulation can lead to permissive cross-domain policy with untrusted domains. The attack can be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4,
                "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-942",
                  "description": "Permissive Cross-domain Policy with Untrusted Domains",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-346",
                  "description": "Origin Validation Error",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-02T04:45:11.472Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-354653 | vanna-ai vanna FastAPI/Flask Server cross-domain policy",
              "tags": [
                "vdb-entry"
              ],
              "url": "https://vuldb.com/vuln/354653"
            },
            {
              "name": "VDB-354653 | CTI Indicators (IOB, IOC)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/354653/cti"
            },
            {
              "name": "Submit #780729 | vanna-ai vanna 2.0.2 CORS Origin Reflection with Credentials",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/780729"
            },
            {
              "tags": [
                "exploit",
                "issue-tracking"
              ],
              "url": "https://github.com/August829/CVEP/issues/14"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-04-01T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-04-01T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-04-01T15:05:20.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "vanna-ai vanna FastAPI/Flask Server cross-domain policy"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-5321",
        "datePublished": "2026-04-02T04:45:11.472Z",
        "dateReserved": "2026-04-01T13:00:12.749Z",
        "dateUpdated": "2026-04-02T18:30:05.222Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5320 (GCVE-0-2026-5320)

    Vulnerability from nvd – Published: 2026-04-02 03:45 – Updated: 2026-04-02 13:32
    VLAI
    Title
    vanna-ai vanna Chat API Endpoint v2 missing authentication
    Summary
    A vulnerability was detected in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is an unknown functionality of the file /api/vanna/v2/ of the component Chat API Endpoint. Performing a manipulation results in missing authentication. The attack can be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/vuln/354652 vdb-entry
    https://vuldb.com/vuln/354652/cti signaturepermissions-required
    https://vuldb.com/submit/780727 third-party-advisory
    https://github.com/August829/CVEP/issues/13 exploitissue-tracking
    Impacted products
    Vendor Product Version
    vanna-ai vanna Affected: 2.0.0
    Affected: 2.0.1
    Affected: 2.0.2
    Create a notification for this product.
    Credits
    Yu_Bao (VulDB User) VulDB
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5320",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-02T13:24:26.747490Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-02T13:32:13.296Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "Chat API Endpoint"
              ],
              "product": "vanna",
              "vendor": "vanna-ai",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.0"
                },
                {
                  "status": "affected",
                  "version": "2.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.0.2"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Yu_Bao (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was detected in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is an unknown functionality of the file /api/vanna/v2/ of the component Chat API Endpoint. Performing a manipulation results in missing authentication. The attack can be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 7.5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-306",
                  "description": "Missing Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-02T03:45:11.517Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-354652 | vanna-ai vanna Chat API Endpoint v2 missing authentication",
              "tags": [
                "vdb-entry"
              ],
              "url": "https://vuldb.com/vuln/354652"
            },
            {
              "name": "VDB-354652 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/354652/cti"
            },
            {
              "name": "Submit #780727 | vanna-ai vanna 2.0.2 Missing Authentication on All API Endpoints",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/780727"
            },
            {
              "tags": [
                "exploit",
                "issue-tracking"
              ],
              "url": "https://github.com/August829/CVEP/issues/13"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-04-01T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-04-01T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-04-01T15:05:18.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "vanna-ai vanna Chat API Endpoint v2 missing authentication"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-5320",
        "datePublished": "2026-04-02T03:45:11.517Z",
        "dateReserved": "2026-04-01T13:00:08.204Z",
        "dateUpdated": "2026-04-02T13:32:13.296Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-4513 (GCVE-0-2026-4513)

    Vulnerability from nvd – Published: 2026-03-21 10:02 – Updated: 2026-03-23 16:30
    VLAI
    Title
    vanna-ai vanna base.py ask sql injection
    Summary
    A vulnerability was detected in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is the function ask of the file vanna\legacy\base\base.py. Performing a manipulation results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.352078 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.352078 signaturepermissions-required
    https://vuldb.com/?submit.773906 third-party-advisory
    https://github.com/Ka7arotto/cve/blob/main/vanna-… exploit
    Impacted products
    Vendor Product Version
    vanna-ai vanna Affected: 2.0.0
    Affected: 2.0.1
    Affected: 2.0.2
    Create a notification for this product.
    Credits
    Goku (VulDB User) VulDB
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-4513",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-23T16:29:52.913397Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-23T16:30:05.313Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "vanna",
              "vendor": "vanna-ai",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.0"
                },
                {
                  "status": "affected",
                  "version": "2.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.0.2"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Goku (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was detected in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is the function ask of the file vanna\\legacy\\base\\base.py. Performing a manipulation results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "SQL Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-21T10:02:11.763Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-352078 | vanna-ai vanna base.py ask sql injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.352078"
            },
            {
              "name": "VDB-352078 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.352078"
            },
            {
              "name": "Submit #773906 | vanna.ai vanna 2.0.2 SQL Injection",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.773906"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/Ka7arotto/cve/blob/main/vanna-text2sql/vanna-sql-rce.md"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-20T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-03-20T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-03-20T15:35:04.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "vanna-ai vanna base.py ask sql injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-4513",
        "datePublished": "2026-03-21T10:02:11.763Z",
        "dateReserved": "2026-03-20T14:28:43.476Z",
        "dateUpdated": "2026-03-23T16:30:05.313Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-4511 (GCVE-0-2026-4511)

    Vulnerability from nvd – Published: 2026-03-21 08:32 – Updated: 2026-03-23 16:40
    VLAI
    Title
    vanna-ai vanna legacy exec injection
    Summary
    A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. Affected is the function exec of the file /src/vanna/legacy. Such manipulation leads to injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.352077 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.352077 signaturepermissions-required
    https://vuldb.com/?submit.773905 third-party-advisory
    https://github.com/Ka7arotto/cve/blob/main/vanna-rce.md exploit
    Impacted products
    Vendor Product Version
    vanna-ai vanna Affected: 2.0.0
    Affected: 2.0.1
    Affected: 2.0.2
    Create a notification for this product.
    Credits
    Goku (VulDB User) VulDB
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-4511",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-23T16:21:41.956818Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-23T16:40:15.990Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "vanna",
              "vendor": "vanna-ai",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.0"
                },
                {
                  "status": "affected",
                  "version": "2.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.0.2"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Goku (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. Affected is the function exec of the file /src/vanna/legacy. Such manipulation leads to injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-707",
                  "description": "Improper Neutralization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-21T08:32:11.540Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-352077 | vanna-ai vanna legacy exec injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.352077"
            },
            {
              "name": "VDB-352077 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.352077"
            },
            {
              "name": "Submit #773905 | vanna.ai vanna 2.0.2 Remote command execution",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.773905"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/Ka7arotto/cve/blob/main/vanna-rce.md"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-20T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-03-20T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-03-20T15:33:48.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "vanna-ai vanna legacy exec injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-4511",
        "datePublished": "2026-03-21T08:32:11.540Z",
        "dateReserved": "2026-03-20T14:28:39.762Z",
        "dateUpdated": "2026-03-23T16:40:15.990Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-4231 (GCVE-0-2026-4231)

    Vulnerability from nvd – Published: 2026-03-16 09:02 – Updated: 2026-03-16 16:28
    VLAI
    Title
    vanna-ai vanna Endpoint __init__.py run_sql server-side request forgery
    Summary
    A vulnerability was found in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is the function update_sql/run_sql of the file src/vanna/legacy/flask/__init__.py of the component Endpoint. Performing a manipulation results in server-side request forgery. The attack may be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-918 - Server-Side Request Forgery
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.351154 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.351154 signaturepermissions-required
    https://vuldb.com/?submit.771217 third-party-advisory
    https://gist.github.com/YLChen-007/57454201575595… exploit
    Impacted products
    Vendor Product Version
    vanna-ai vanna Affected: 2.0.0
    Affected: 2.0.1
    Affected: 2.0.2
    Create a notification for this product.
    Credits
    Eric-y (VulDB User) VulDB
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-4231",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-16T16:28:03.248964Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-16T16:28:22.159Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "Endpoint"
              ],
              "product": "vanna",
              "vendor": "vanna-ai",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.0"
                },
                {
                  "status": "affected",
                  "version": "2.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.0.2"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Eric-y (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is the function update_sql/run_sql of the file src/vanna/legacy/flask/__init__.py of the component Endpoint. Performing a manipulation results in server-side request forgery. The attack may be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 7.5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-918",
                  "description": "Server-Side Request Forgery",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-16T09:02:08.031Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-351154 | vanna-ai vanna Endpoint __init__.py run_sql server-side request forgery",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.351154"
            },
            {
              "name": "VDB-351154 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.351154"
            },
            {
              "name": "Submit #771217 | vanna-ai Vanna 2.0.2 Server-Side Request Forgery (CWE-918)",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.771217"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://gist.github.com/YLChen-007/574542015755951ee1d53206022cc754"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-15T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-03-15T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-03-15T19:50:18.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "vanna-ai vanna Endpoint __init__.py run_sql server-side request forgery"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-4231",
        "datePublished": "2026-03-16T09:02:08.031Z",
        "dateReserved": "2026-03-15T18:45:11.141Z",
        "dateUpdated": "2026-03-16T16:28:22.159Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-4230 (GCVE-0-2026-4230)

    Vulnerability from nvd – Published: 2026-03-16 08:32 – Updated: 2026-03-16 16:30
    VLAI
    Title
    vanna-ai vanna Endpoint __init__.py update_sql sql injection
    Summary
    A vulnerability has been found in vanna-ai vanna up to 2.0.2. Affected is the function update_sql of the file src/vanna/legacy/flask/__init__.py of the component Endpoint. Such manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.351153 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.351153 signaturepermissions-required
    https://vuldb.com/?submit.771215 third-party-advisory
    https://gist.github.com/YLChen-007/48b86c2365e5eb… exploit
    Impacted products
    Vendor Product Version
    vanna-ai vanna Affected: 2.0.0
    Affected: 2.0.1
    Affected: 2.0.2
    Create a notification for this product.
    Credits
    Eric-y (VulDB User) VulDB
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-4230",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-16T16:29:24.016572Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-16T16:30:08.379Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "Endpoint"
              ],
              "product": "vanna",
              "vendor": "vanna-ai",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.0"
                },
                {
                  "status": "affected",
                  "version": "2.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.0.2"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Eric-y (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been found in vanna-ai vanna up to 2.0.2. Affected is the function update_sql of the file src/vanna/legacy/flask/__init__.py of the component Endpoint. Such manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "SQL Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-16T08:32:09.924Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-351153 | vanna-ai vanna Endpoint __init__.py update_sql sql injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.351153"
            },
            {
              "name": "VDB-351153 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.351153"
            },
            {
              "name": "Submit #771215 | vanna-ai Vanna 2.0.2 SQL Injection (CWE-89)",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.771215"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://gist.github.com/YLChen-007/48b86c2365e5ebf6923d5f14491b4329"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-15T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-03-15T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-03-15T19:50:17.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "vanna-ai vanna Endpoint __init__.py update_sql sql injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-4230",
        "datePublished": "2026-03-16T08:32:09.924Z",
        "dateReserved": "2026-03-15T18:45:08.464Z",
        "dateUpdated": "2026-03-16T16:30:08.379Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-4229 (GCVE-0-2026-4229)

    Vulnerability from nvd – Published: 2026-03-16 08:32 – Updated: 2026-03-16 16:35
    VLAI
    Title
    vanna-ai vanna bigquery_vector.py remove_training_data sql injection
    Summary
    A flaw has been found in vanna-ai vanna up to 2.0.2. This impacts the function remove_training_data of the file src/vanna/legacy/google/bigquery_vector.py. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.351152 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.351152 signaturepermissions-required
    https://vuldb.com/?submit.771214 third-party-advisory
    https://gist.github.com/YLChen-007/b4f326eaecc29b… exploit
    Impacted products
    Vendor Product Version
    vanna-ai vanna Affected: 2.0.0
    Affected: 2.0.1
    Affected: 2.0.2
    Create a notification for this product.
    Credits
    Eric-y (VulDB User) VulDB
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-4229",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-16T16:34:32.418977Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-16T16:35:33.466Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "vanna",
              "vendor": "vanna-ai",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.0"
                },
                {
                  "status": "affected",
                  "version": "2.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.0.2"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Eric-y (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw has been found in vanna-ai vanna up to 2.0.2. This impacts the function remove_training_data of the file src/vanna/legacy/google/bigquery_vector.py. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 7.5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "SQL Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-16T08:32:07.744Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-351152 | vanna-ai vanna bigquery_vector.py remove_training_data sql injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.351152"
            },
            {
              "name": "VDB-351152 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.351152"
            },
            {
              "name": "Submit #771214 | vanna-ai Vanna 2.0.2 SQL Injection (CWE-89)",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.771214"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://gist.github.com/YLChen-007/b4f326eaecc29b192cf93dc5d6bc0623"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-15T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-03-15T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-03-15T19:50:15.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "vanna-ai vanna bigquery_vector.py remove_training_data sql injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-4229",
        "datePublished": "2026-03-16T08:32:07.744Z",
        "dateReserved": "2026-03-15T18:45:03.703Z",
        "dateUpdated": "2026-03-16T16:35:33.466Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-6977 (GCVE-0-2026-6977)

    Vulnerability from cvelistv5 – Published: 2026-04-25 10:15 – Updated: 2026-04-27 13:34
    VLAI
    Title
    vanna-ai vanna Legacy Flask API improper authorization
    Summary
    A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. The affected element is an unknown function of the component Legacy Flask API. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-285 - Improper Authorization
    • CWE-266 - Incorrect Privilege Assignment
    Assigner
    References
    URL Tags
    https://vuldb.com/vuln/359520 vdb-entry
    https://vuldb.com/vuln/359520/cti signaturepermissions-required
    https://vuldb.com/submit/795331 third-party-advisory
    https://github.com/yidaozhongqing/York/issues/2 exploitissue-tracking
    Impacted products
    Vendor Product Version
    vanna-ai vanna Affected: 2.0.0
    Affected: 2.0.1
    Affected: 2.0.2
    Create a notification for this product.
    Credits
    York Shen (VulDB User) VulDB CNA Team
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-6977",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-27T13:12:51.936173Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-27T13:34:28.591Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "Legacy Flask API"
              ],
              "product": "vanna",
              "vendor": "vanna-ai",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.0"
                },
                {
                  "status": "affected",
                  "version": "2.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.0.2"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "York Shen (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB CNA Team"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. The affected element is an unknown function of the component Legacy Flask API. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 7.5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-285",
                  "description": "Improper Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-266",
                  "description": "Incorrect Privilege Assignment",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-25T10:15:14.127Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-359520 | vanna-ai vanna Legacy Flask API improper authorization",
              "tags": [
                "vdb-entry"
              ],
              "url": "https://vuldb.com/vuln/359520"
            },
            {
              "name": "VDB-359520 | CTI Indicators (IOB, IOC, TTP)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/359520/cti"
            },
            {
              "name": "Submit #795331 | vanna-ai vanna 2.0.2 Unauthorized access to all API endpoints",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/795331"
            },
            {
              "tags": [
                "exploit",
                "issue-tracking"
              ],
              "url": "https://github.com/yidaozhongqing/York/issues/2"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-04-24T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-04-24T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-04-24T20:55:16.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "vanna-ai vanna Legacy Flask API improper authorization"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-6977",
        "datePublished": "2026-04-25T10:15:14.127Z",
        "dateReserved": "2026-04-24T18:50:10.544Z",
        "dateUpdated": "2026-04-27T13:34:28.591Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5321 (GCVE-0-2026-5321)

    Vulnerability from cvelistv5 – Published: 2026-04-02 04:45 – Updated: 2026-04-02 18:30
    VLAI
    Title
    vanna-ai vanna FastAPI/Flask Server cross-domain policy
    Summary
    A flaw has been found in vanna-ai vanna up to 2.0.2. Affected by this issue is some unknown functionality of the component FastAPI/Flask Server. Executing a manipulation can lead to permissive cross-domain policy with untrusted domains. The attack can be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-942 - Permissive Cross-domain Policy with Untrusted Domains
    • CWE-346 - Origin Validation Error
    Assigner
    References
    URL Tags
    https://vuldb.com/vuln/354653 vdb-entry
    https://vuldb.com/vuln/354653/cti signaturepermissions-required
    https://vuldb.com/submit/780729 third-party-advisory
    https://github.com/August829/CVEP/issues/14 exploitissue-tracking
    Impacted products
    Vendor Product Version
    vanna-ai vanna Affected: 2.0.0
    Affected: 2.0.1
    Affected: 2.0.2
    Create a notification for this product.
    Credits
    Yu_Bao (VulDB User) VulDB
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5321",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-02T18:29:53.542419Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-02T18:30:05.222Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "FastAPI/Flask Server"
              ],
              "product": "vanna",
              "vendor": "vanna-ai",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.0"
                },
                {
                  "status": "affected",
                  "version": "2.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.0.2"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Yu_Bao (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw has been found in vanna-ai vanna up to 2.0.2. Affected by this issue is some unknown functionality of the component FastAPI/Flask Server. Executing a manipulation can lead to permissive cross-domain policy with untrusted domains. The attack can be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 4,
                "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-942",
                  "description": "Permissive Cross-domain Policy with Untrusted Domains",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-346",
                  "description": "Origin Validation Error",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-02T04:45:11.472Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-354653 | vanna-ai vanna FastAPI/Flask Server cross-domain policy",
              "tags": [
                "vdb-entry"
              ],
              "url": "https://vuldb.com/vuln/354653"
            },
            {
              "name": "VDB-354653 | CTI Indicators (IOB, IOC)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/354653/cti"
            },
            {
              "name": "Submit #780729 | vanna-ai vanna 2.0.2 CORS Origin Reflection with Credentials",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/780729"
            },
            {
              "tags": [
                "exploit",
                "issue-tracking"
              ],
              "url": "https://github.com/August829/CVEP/issues/14"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-04-01T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-04-01T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-04-01T15:05:20.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "vanna-ai vanna FastAPI/Flask Server cross-domain policy"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-5321",
        "datePublished": "2026-04-02T04:45:11.472Z",
        "dateReserved": "2026-04-01T13:00:12.749Z",
        "dateUpdated": "2026-04-02T18:30:05.222Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-5320 (GCVE-0-2026-5320)

    Vulnerability from cvelistv5 – Published: 2026-04-02 03:45 – Updated: 2026-04-02 13:32
    VLAI
    Title
    vanna-ai vanna Chat API Endpoint v2 missing authentication
    Summary
    A vulnerability was detected in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is an unknown functionality of the file /api/vanna/v2/ of the component Chat API Endpoint. Performing a manipulation results in missing authentication. The attack can be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/vuln/354652 vdb-entry
    https://vuldb.com/vuln/354652/cti signaturepermissions-required
    https://vuldb.com/submit/780727 third-party-advisory
    https://github.com/August829/CVEP/issues/13 exploitissue-tracking
    Impacted products
    Vendor Product Version
    vanna-ai vanna Affected: 2.0.0
    Affected: 2.0.1
    Affected: 2.0.2
    Create a notification for this product.
    Credits
    Yu_Bao (VulDB User) VulDB
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-5320",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-04-02T13:24:26.747490Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-04-02T13:32:13.296Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "Chat API Endpoint"
              ],
              "product": "vanna",
              "vendor": "vanna-ai",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.0"
                },
                {
                  "status": "affected",
                  "version": "2.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.0.2"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Yu_Bao (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was detected in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is an unknown functionality of the file /api/vanna/v2/ of the component Chat API Endpoint. Performing a manipulation results in missing authentication. The attack can be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 7.5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-306",
                  "description": "Missing Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-02T03:45:11.517Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-354652 | vanna-ai vanna Chat API Endpoint v2 missing authentication",
              "tags": [
                "vdb-entry"
              ],
              "url": "https://vuldb.com/vuln/354652"
            },
            {
              "name": "VDB-354652 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/vuln/354652/cti"
            },
            {
              "name": "Submit #780727 | vanna-ai vanna 2.0.2 Missing Authentication on All API Endpoints",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/submit/780727"
            },
            {
              "tags": [
                "exploit",
                "issue-tracking"
              ],
              "url": "https://github.com/August829/CVEP/issues/13"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-04-01T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-04-01T02:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-04-01T15:05:18.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "vanna-ai vanna Chat API Endpoint v2 missing authentication"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-5320",
        "datePublished": "2026-04-02T03:45:11.517Z",
        "dateReserved": "2026-04-01T13:00:08.204Z",
        "dateUpdated": "2026-04-02T13:32:13.296Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-4513 (GCVE-0-2026-4513)

    Vulnerability from cvelistv5 – Published: 2026-03-21 10:02 – Updated: 2026-03-23 16:30
    VLAI
    Title
    vanna-ai vanna base.py ask sql injection
    Summary
    A vulnerability was detected in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is the function ask of the file vanna\legacy\base\base.py. Performing a manipulation results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.352078 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.352078 signaturepermissions-required
    https://vuldb.com/?submit.773906 third-party-advisory
    https://github.com/Ka7arotto/cve/blob/main/vanna-… exploit
    Impacted products
    Vendor Product Version
    vanna-ai vanna Affected: 2.0.0
    Affected: 2.0.1
    Affected: 2.0.2
    Create a notification for this product.
    Credits
    Goku (VulDB User) VulDB
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-4513",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-23T16:29:52.913397Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-23T16:30:05.313Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "vanna",
              "vendor": "vanna-ai",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.0"
                },
                {
                  "status": "affected",
                  "version": "2.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.0.2"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Goku (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was detected in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is the function ask of the file vanna\\legacy\\base\\base.py. Performing a manipulation results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "SQL Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-21T10:02:11.763Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-352078 | vanna-ai vanna base.py ask sql injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.352078"
            },
            {
              "name": "VDB-352078 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.352078"
            },
            {
              "name": "Submit #773906 | vanna.ai vanna 2.0.2 SQL Injection",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.773906"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/Ka7arotto/cve/blob/main/vanna-text2sql/vanna-sql-rce.md"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-20T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-03-20T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-03-20T15:35:04.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "vanna-ai vanna base.py ask sql injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-4513",
        "datePublished": "2026-03-21T10:02:11.763Z",
        "dateReserved": "2026-03-20T14:28:43.476Z",
        "dateUpdated": "2026-03-23T16:30:05.313Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-4511 (GCVE-0-2026-4511)

    Vulnerability from cvelistv5 – Published: 2026-03-21 08:32 – Updated: 2026-03-23 16:40
    VLAI
    Title
    vanna-ai vanna legacy exec injection
    Summary
    A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. Affected is the function exec of the file /src/vanna/legacy. Such manipulation leads to injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.352077 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.352077 signaturepermissions-required
    https://vuldb.com/?submit.773905 third-party-advisory
    https://github.com/Ka7arotto/cve/blob/main/vanna-rce.md exploit
    Impacted products
    Vendor Product Version
    vanna-ai vanna Affected: 2.0.0
    Affected: 2.0.1
    Affected: 2.0.2
    Create a notification for this product.
    Credits
    Goku (VulDB User) VulDB
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-4511",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-23T16:21:41.956818Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-23T16:40:15.990Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "vanna",
              "vendor": "vanna-ai",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.0"
                },
                {
                  "status": "affected",
                  "version": "2.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.0.2"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Goku (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. Affected is the function exec of the file /src/vanna/legacy. Such manipulation leads to injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-707",
                  "description": "Improper Neutralization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-21T08:32:11.540Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-352077 | vanna-ai vanna legacy exec injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.352077"
            },
            {
              "name": "VDB-352077 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.352077"
            },
            {
              "name": "Submit #773905 | vanna.ai vanna 2.0.2 Remote command execution",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.773905"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/Ka7arotto/cve/blob/main/vanna-rce.md"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-20T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-03-20T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-03-20T15:33:48.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "vanna-ai vanna legacy exec injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-4511",
        "datePublished": "2026-03-21T08:32:11.540Z",
        "dateReserved": "2026-03-20T14:28:39.762Z",
        "dateUpdated": "2026-03-23T16:40:15.990Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-4231 (GCVE-0-2026-4231)

    Vulnerability from cvelistv5 – Published: 2026-03-16 09:02 – Updated: 2026-03-16 16:28
    VLAI
    Title
    vanna-ai vanna Endpoint __init__.py run_sql server-side request forgery
    Summary
    A vulnerability was found in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is the function update_sql/run_sql of the file src/vanna/legacy/flask/__init__.py of the component Endpoint. Performing a manipulation results in server-side request forgery. The attack may be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-918 - Server-Side Request Forgery
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.351154 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.351154 signaturepermissions-required
    https://vuldb.com/?submit.771217 third-party-advisory
    https://gist.github.com/YLChen-007/57454201575595… exploit
    Impacted products
    Vendor Product Version
    vanna-ai vanna Affected: 2.0.0
    Affected: 2.0.1
    Affected: 2.0.2
    Create a notification for this product.
    Credits
    Eric-y (VulDB User) VulDB
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-4231",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-16T16:28:03.248964Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-16T16:28:22.159Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "Endpoint"
              ],
              "product": "vanna",
              "vendor": "vanna-ai",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.0"
                },
                {
                  "status": "affected",
                  "version": "2.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.0.2"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Eric-y (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability was found in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is the function update_sql/run_sql of the file src/vanna/legacy/flask/__init__.py of the component Endpoint. Performing a manipulation results in server-side request forgery. The attack may be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 7.5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-918",
                  "description": "Server-Side Request Forgery",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-16T09:02:08.031Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-351154 | vanna-ai vanna Endpoint __init__.py run_sql server-side request forgery",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.351154"
            },
            {
              "name": "VDB-351154 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.351154"
            },
            {
              "name": "Submit #771217 | vanna-ai Vanna 2.0.2 Server-Side Request Forgery (CWE-918)",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.771217"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://gist.github.com/YLChen-007/574542015755951ee1d53206022cc754"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-15T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-03-15T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-03-15T19:50:18.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "vanna-ai vanna Endpoint __init__.py run_sql server-side request forgery"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-4231",
        "datePublished": "2026-03-16T09:02:08.031Z",
        "dateReserved": "2026-03-15T18:45:11.141Z",
        "dateUpdated": "2026-03-16T16:28:22.159Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-4230 (GCVE-0-2026-4230)

    Vulnerability from cvelistv5 – Published: 2026-03-16 08:32 – Updated: 2026-03-16 16:30
    VLAI
    Title
    vanna-ai vanna Endpoint __init__.py update_sql sql injection
    Summary
    A vulnerability has been found in vanna-ai vanna up to 2.0.2. Affected is the function update_sql of the file src/vanna/legacy/flask/__init__.py of the component Endpoint. Such manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.351153 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.351153 signaturepermissions-required
    https://vuldb.com/?submit.771215 third-party-advisory
    https://gist.github.com/YLChen-007/48b86c2365e5eb… exploit
    Impacted products
    Vendor Product Version
    vanna-ai vanna Affected: 2.0.0
    Affected: 2.0.1
    Affected: 2.0.2
    Create a notification for this product.
    Credits
    Eric-y (VulDB User) VulDB
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-4230",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-16T16:29:24.016572Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-16T16:30:08.379Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "Endpoint"
              ],
              "product": "vanna",
              "vendor": "vanna-ai",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.0"
                },
                {
                  "status": "affected",
                  "version": "2.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.0.2"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Eric-y (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been found in vanna-ai vanna up to 2.0.2. Affected is the function update_sql of the file src/vanna/legacy/flask/__init__.py of the component Endpoint. Such manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "SQL Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-16T08:32:09.924Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-351153 | vanna-ai vanna Endpoint __init__.py update_sql sql injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.351153"
            },
            {
              "name": "VDB-351153 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.351153"
            },
            {
              "name": "Submit #771215 | vanna-ai Vanna 2.0.2 SQL Injection (CWE-89)",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.771215"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://gist.github.com/YLChen-007/48b86c2365e5ebf6923d5f14491b4329"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-15T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-03-15T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-03-15T19:50:17.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "vanna-ai vanna Endpoint __init__.py update_sql sql injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-4230",
        "datePublished": "2026-03-16T08:32:09.924Z",
        "dateReserved": "2026-03-15T18:45:08.464Z",
        "dateUpdated": "2026-03-16T16:30:08.379Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-4229 (GCVE-0-2026-4229)

    Vulnerability from cvelistv5 – Published: 2026-03-16 08:32 – Updated: 2026-03-16 16:35
    VLAI
    Title
    vanna-ai vanna bigquery_vector.py remove_training_data sql injection
    Summary
    A flaw has been found in vanna-ai vanna up to 2.0.2. This impacts the function remove_training_data of the file src/vanna/legacy/google/bigquery_vector.py. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
    SSVC
    Exploitation: poc Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.351152 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.351152 signaturepermissions-required
    https://vuldb.com/?submit.771214 third-party-advisory
    https://gist.github.com/YLChen-007/b4f326eaecc29b… exploit
    Impacted products
    Vendor Product Version
    vanna-ai vanna Affected: 2.0.0
    Affected: 2.0.1
    Affected: 2.0.2
    Create a notification for this product.
    Credits
    Eric-y (VulDB User) VulDB
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-4229",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-16T16:34:32.418977Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-16T16:35:33.466Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "vanna",
              "vendor": "vanna-ai",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.0.0"
                },
                {
                  "status": "affected",
                  "version": "2.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.0.2"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Eric-y (VulDB User)"
            },
            {
              "lang": "en",
              "type": "coordinator",
              "value": "VulDB"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A flaw has been found in vanna-ai vanna up to 2.0.2. This impacts the function remove_training_data of the file src/vanna/legacy/google/bigquery_vector.py. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 7.3,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 7.5,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "SQL Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-74",
                  "description": "Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-16T08:32:07.744Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-351152 | vanna-ai vanna bigquery_vector.py remove_training_data sql injection",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.351152"
            },
            {
              "name": "VDB-351152 | CTI Indicators (IOB, IOC, TTP, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.351152"
            },
            {
              "name": "Submit #771214 | vanna-ai Vanna 2.0.2 SQL Injection (CWE-89)",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.771214"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://gist.github.com/YLChen-007/b4f326eaecc29b192cf93dc5d6bc0623"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-03-15T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2026-03-15T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2026-03-15T19:50:15.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "vanna-ai vanna bigquery_vector.py remove_training_data sql injection"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2026-4229",
        "datePublished": "2026-03-16T08:32:07.744Z",
        "dateReserved": "2026-03-15T18:45:03.703Z",
        "dateUpdated": "2026-03-16T16:35:33.466Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }