Search

Find a vulnerability

Search criteria

    Related vulnerabilities

    GHSA-RH62-J648-G5QC

    Vulnerability from github – Published: 2026-07-02 21:14 – Updated: 2026-07-02 21:14
    VLAI
    Summary
    Recce server has unauthenticated SQL execution that allows local file read/write through DuckDB
    Details

    Impact

    Recce OSS server deployments that expose the server to an untrusted network without authentication are vulnerable to unauthenticated SQL execution through the query run API.

    When Recce is configured with a DuckDB-backed project, an attacker can use DuckDB filesystem primitives to read and write files accessible to the Recce server process. The impact depends on how Recce is deployed, but may include disclosure of local files, tampering with Recce/dbt artifacts, modification of browser-served static files leading to stored XSS, and modification of application files if those paths are writable. If Recce is run as root, file access occurs with root privileges inside that host or container.

    Patches

    This issue has been patched in Recce v1.50.0. Users should upgrade to Recce v1.50.0 or later.

    The patch restricts unsafe file read/write behavior for DuckDB-backed query execution and hardens the affected query path. Other warehouse adapters have also been reviewed for similar exposure.

    Credits

    Thanks to Sitampan (@hxcbtc) for responsibly reporting this issue.

    Workarounds

    Users who cannot upgrade immediately should avoid exposing recce server to the public internet or any untrusted network.

    Recommended mitigations include enabling authentication or placing Recce behind an authenticated reverse proxy/VPN, running Recce as a non-root user, using a read-only application filesystem where possible, and ensuring that sensitive files or credentials are not available to the Recce process.

    Show details on source website

    {
      "affected": [
        {
          "database_specific": {
            "last_known_affected_version_range": "\u003c= 1.49.0"
          },
          "package": {
            "ecosystem": "PyPI",
            "name": "recce"
          },
          "ranges": [
            {
              "events": [
                {
                  "introduced": "0"
                },
                {
                  "fixed": "1.50.0"
                }
              ],
              "type": "ECOSYSTEM"
            }
          ]
        }
      ],
      "aliases": [
        "CVE-2026-49360"
      ],
      "database_specific": {
        "cwe_ids": [
          "CWE-73"
        ],
        "github_reviewed": true,
        "github_reviewed_at": "2026-07-02T21:14:38Z",
        "nvd_published_at": null,
        "severity": "HIGH"
      },
      "details": "### Impact\nRecce OSS server deployments that expose the server to an untrusted network without authentication are vulnerable to unauthenticated SQL execution through the query run API.\n\nWhen Recce is configured with a DuckDB-backed project, an attacker can use DuckDB filesystem primitives to read and write files accessible to the Recce server process. The impact depends on how Recce is deployed, but may include disclosure of local files, tampering with Recce/dbt artifacts, modification of browser-served static files leading to stored XSS, and modification of application files if those paths are writable. If Recce is run as root, file access occurs with root privileges inside that host or container.\n\n### Patches\nThis issue has been patched in Recce `v1.50.0`. Users should upgrade to Recce `v1.50.0` or later.\n\nThe patch restricts unsafe file read/write behavior for DuckDB-backed query execution and hardens the affected query path. Other warehouse adapters have also been reviewed for similar exposure.\n\n### Credits\nThanks to Sitampan ([@hxcbtc](https://x.com/hxcbtc)) for responsibly reporting this issue.\n\n### Workarounds\nUsers who cannot upgrade immediately should avoid exposing `recce server` to the public internet or any untrusted network.\n\nRecommended mitigations include enabling authentication or placing Recce behind an authenticated reverse proxy/VPN, running Recce as a non-root user, using a read-only application filesystem where possible, and ensuring that sensitive files or credentials are not available to the Recce process.",
      "id": "GHSA-rh62-j648-g5qc",
      "modified": "2026-07-02T21:14:38Z",
      "published": "2026-07-02T21:14:38Z",
      "references": [
        {
          "type": "WEB",
          "url": "https://github.com/DataRecce/recce/security/advisories/GHSA-rh62-j648-g5qc"
        },
        {
          "type": "PACKAGE",
          "url": "https://github.com/DataRecce/recce"
        },
        {
          "type": "WEB",
          "url": "https://github.com/DataRecce/recce/releases/tag/v1.50.0"
        }
      ],
      "schema_version": "1.4.0",
      "severity": [
        {
          "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:H/SA:N",
          "type": "CVSS_V4"
        }
      ],
      "summary": "Recce server has unauthenticated SQL execution that allows local file read/write through DuckDB"
    }

    PYSEC-2026-3049

    Vulnerability from pysec - Published: 2026-07-13 15:46 - Updated: 2026-07-13 16:06
    VLAI
    Details

    Impact

    Recce OSS server deployments that expose the server to an untrusted network without authentication are vulnerable to unauthenticated SQL execution through the query run API.

    When Recce is configured with a DuckDB-backed project, an attacker can use DuckDB filesystem primitives to read and write files accessible to the Recce server process. The impact depends on how Recce is deployed, but may include disclosure of local files, tampering with Recce/dbt artifacts, modification of browser-served static files leading to stored XSS, and modification of application files if those paths are writable. If Recce is run as root, file access occurs with root privileges inside that host or container.

    Patches

    This issue has been patched in Recce v1.50.0. Users should upgrade to Recce v1.50.0 or later.

    The patch restricts unsafe file read/write behavior for DuckDB-backed query execution and hardens the affected query path. Other warehouse adapters have also been reviewed for similar exposure.

    Credits

    Thanks to Sitampan (@hxcbtc) for responsibly reporting this issue.

    Workarounds

    Users who cannot upgrade immediately should avoid exposing recce server to the public internet or any untrusted network.

    Recommended mitigations include enabling authentication or placing Recce behind an authenticated reverse proxy/VPN, running Recce as a non-root user, using a read-only application filesystem where possible, and ensuring that sensitive files or credentials are not available to the Recce process.

    Impacted products
    Name purl
    recce pkg:pypi/recce

    {
      "affected": [
        {
          "package": {
            "ecosystem": "PyPI",
            "name": "recce",
            "purl": "pkg:pypi/recce"
          },
          "ranges": [
            {
              "events": [
                {
                  "introduced": "0"
                },
                {
                  "fixed": "1.50.0"
                }
              ],
              "type": "ECOSYSTEM"
            }
          ],
          "versions": [
            "0.1.0",
            "0.1.0.dev0",
            "0.1.0.dev1",
            "0.1.0.dev2",
            "0.10.0",
            "0.11.0",
            "0.12.0",
            "0.12.1",
            "0.12.2",
            "0.13.0",
            "0.13.1",
            "0.14.0",
            "0.15.0",
            "0.16.0",
            "0.17.0",
            "0.18.0",
            "0.19.0",
            "0.2.0",
            "0.20.0",
            "0.20.1",
            "0.21.0",
            "0.21.1",
            "0.22.0",
            "0.22.1",
            "0.22.2",
            "0.22.3",
            "0.23.0",
            "0.23.1",
            "0.24.0",
            "0.25.1",
            "0.25.2",
            "0.26.0",
            "0.27.0",
            "0.28.0",
            "0.29.0",
            "0.3.0",
            "0.30.0",
            "0.31.0",
            "0.32.0",
            "0.33.0",
            "0.34.0",
            "0.35.0",
            "0.36.0",
            "0.37.0",
            "0.38.0",
            "0.38.1",
            "0.38.2",
            "0.38.3",
            "0.39.0",
            "0.4.0",
            "0.40.0",
            "0.41.0",
            "0.41.1",
            "0.42.0",
            "0.42.1",
            "0.43.0",
            "0.44.0",
            "0.44.1",
            "0.44.2",
            "0.44.3",
            "0.45.0",
            "0.46.0",
            "0.47.0",
            "0.48.0",
            "0.49.0",
            "0.5.0",
            "0.50.0",
            "0.51.0",
            "0.51.1",
            "0.51.2",
            "0.51.3",
            "0.52.0",
            "0.52.1",
            "0.53.0",
            "0.54.0",
            "0.55.0",
            "0.56.0",
            "0.56.1",
            "0.57.0",
            "0.57.1",
            "0.58.0",
            "0.58.1",
            "0.59.0",
            "0.6.0",
            "0.6.1",
            "0.60.0",
            "0.61.0",
            "0.7.0",
            "0.8.0",
            "0.8.1",
            "0.8.2",
            "0.9.0",
            "1.0.0",
            "1.0.1",
            "1.1.0",
            "1.1.1",
            "1.10.0",
            "1.11.0",
            "1.11.1",
            "1.11.2",
            "1.11.3",
            "1.12.0",
            "1.12.1",
            "1.13.0",
            "1.14.0",
            "1.15.0",
            "1.15.1",
            "1.16.0",
            "1.17.0",
            "1.17.1",
            "1.18.0",
            "1.19.0",
            "1.19.1",
            "1.19.2",
            "1.2.0",
            "1.20.0",
            "1.21.0",
            "1.21.1",
            "1.21.2",
            "1.22.0",
            "1.23.0",
            "1.23.1",
            "1.24.0",
            "1.24.1",
            "1.24.2",
            "1.24.3",
            "1.24.4",
            "1.25.0",
            "1.26.0",
            "1.26.1",
            "1.27.0",
            "1.27.1",
            "1.28.0",
            "1.28.1",
            "1.28.2",
            "1.28.3",
            "1.28.4",
            "1.29.0",
            "1.3.0",
            "1.3.0.20250508",
            "1.3.0.20250511",
            "1.3.0.20250512",
            "1.3.0.20250513",
            "1.30.0",
            "1.30.1",
            "1.30.2",
            "1.31.0",
            "1.32.0",
            "1.33.0",
            "1.33.1",
            "1.34.0",
            "1.34.1",
            "1.35.0",
            "1.35.1",
            "1.36.0",
            "1.37.0",
            "1.38.0",
            "1.39.0",
            "1.4.0",
            "1.40.0",
            "1.40.1",
            "1.40.2",
            "1.41.0",
            "1.42.0",
            "1.43.0",
            "1.43.1",
            "1.43.2",
            "1.43.3",
            "1.44.0",
            "1.44.1",
            "1.45.0",
            "1.46.0",
            "1.46.1",
            "1.46.2",
            "1.46.3",
            "1.47.0",
            "1.47.1",
            "1.48.0",
            "1.49.0",
            "1.5.0",
            "1.5.1",
            "1.6.0",
            "1.7.0",
            "1.7.1",
            "1.8.0",
            "1.9.0",
            "1.9.1",
            "1.9.2"
          ]
        }
      ],
      "aliases": [
        "CVE-2026-49360",
        "GHSA-rh62-j648-g5qc"
      ],
      "details": "### Impact\nRecce OSS server deployments that expose the server to an untrusted network without authentication are vulnerable to unauthenticated SQL execution through the query run API.\n\nWhen Recce is configured with a DuckDB-backed project, an attacker can use DuckDB filesystem primitives to read and write files accessible to the Recce server process. The impact depends on how Recce is deployed, but may include disclosure of local files, tampering with Recce/dbt artifacts, modification of browser-served static files leading to stored XSS, and modification of application files if those paths are writable. If Recce is run as root, file access occurs with root privileges inside that host or container.\n\n### Patches\nThis issue has been patched in Recce `v1.50.0`. Users should upgrade to Recce `v1.50.0` or later.\n\nThe patch restricts unsafe file read/write behavior for DuckDB-backed query execution and hardens the affected query path. Other warehouse adapters have also been reviewed for similar exposure.\n\n### Credits\nThanks to Sitampan ([@hxcbtc](https://x.com/hxcbtc)) for responsibly reporting this issue.\n\n### Workarounds\nUsers who cannot upgrade immediately should avoid exposing `recce server` to the public internet or any untrusted network.\n\nRecommended mitigations include enabling authentication or placing Recce behind an authenticated reverse proxy/VPN, running Recce as a non-root user, using a read-only application filesystem where possible, and ensuring that sensitive files or credentials are not available to the Recce process.",
      "id": "PYSEC-2026-3049",
      "modified": "2026-07-13T16:06:08.682827Z",
      "published": "2026-07-13T15:46:27.898921Z",
      "references": [
        {
          "type": "WEB",
          "url": "https://github.com/DataRecce/recce/security/advisories/GHSA-rh62-j648-g5qc"
        },
        {
          "type": "PACKAGE",
          "url": "https://github.com/DataRecce/recce"
        },
        {
          "type": "WEB",
          "url": "https://github.com/DataRecce/recce/releases/tag/v1.50.0"
        },
        {
          "type": "PACKAGE",
          "url": "https://pypi.org/project/recce"
        },
        {
          "type": "ADVISORY",
          "url": "https://github.com/advisories/GHSA-rh62-j648-g5qc"
        },
        {
          "type": "ADVISORY",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-49360"
        }
      ],
      "severity": [
        {
          "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:H/SA:N",
          "type": "CVSS_V4"
        }
      ],
      "summary": "Recce server has unauthenticated SQL execution that allows local file read/write through DuckDB"
    }