
SQLBot CVE-2026-33324
EUVD-2026-27446 | CRITICAL
SQL Injection (CWE-89)
2026-05-05 GitHub_M
9.4 (CVSS 4.0)

CVSS Vector (NVD)

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: X (not defined)

Lifecycle Timeline

Analysis Generated: May 05, 2026 - 22:00 (vuln.today)
Patch available: May 05, 2026 - 21:02 (EUVD)
CVSS changed: May 05, 2026 - 20:22 (NVD), 9.4 (CRITICAL)

Description (NVD)

SQLBot is an intelligent Text-to-SQL system based on large language models and RAG. In versions 1.7.0 and earlier, the Text2SQL chat interface is vulnerable to prompt injection. The user-provided question parameter is directly concatenated into the LLM prompt without filtering or escaping, and the SQL extracted from the LLM response is executed against the database without validation or sanitization. An authenticated attacker can craft a malicious question to manipulate the LLM into generating and executing arbitrary SQL statements. When connected to a PostgreSQL data source, this can lead to remote code execution via COPY FROM PROGRAM. This issue has been fixed in version 1.7.1.
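The description names two missing controls: input filtering on the question, and validation of the SQL that comes back from the model before it is executed. The following is an added example, not SQLBot's code, of a fail-closed gate for that second control; the `execute` callback and the forbidden-keyword list are assumptions, and the gate is defense in depth next to a read-only database role, not a substitute for the 1.7.1 upgrade.

```python
import re

# Added example, not SQLBot's code: a fail-closed gate for SQL that an LLM
# produced, applied before it reaches the data source. The advisory's root
# cause is that the extracted SQL was executed without any such check.

_ALLOWED_FIRST = {"SELECT", "WITH"}  # a Text-to-SQL answer is one read-only query

# Verbs and functions that never belong in a read-only answer. COPY/PROGRAM is
# the PostgreSQL RCE path named in the advisory; INTO catches SELECT ... INTO,
# which creates a table; the rest are DML, DDL and server-side file access.
_FORBIDDEN = {
    "COPY", "PROGRAM", "INSERT", "UPDATE", "DELETE", "MERGE", "TRUNCATE", "INTO",
    "DROP", "ALTER", "CREATE", "GRANT", "REVOKE", "EXECUTE", "CALL", "DO",
    "PG_READ_FILE", "PG_READ_BINARY_FILE", "LO_IMPORT", "LO_EXPORT",
}

_COMMENT_RE = re.compile(r"--[^\n]*|/\*.*?\*/", re.S)
_WORD_RE = re.compile(r"[A-Za-z_][A-Za-z0-9_]*")


def validate_generated_sql(sql: str) -> tuple[bool, str]:
    """Return (ok, reason). Passes only a single SELECT/WITH statement that
    contains no forbidden keyword anywhere in the raw text, comments and string
    literals included: a false rejection is cheaper than a quoting trick that
    this scanner and PostgreSQL would read differently."""
    raw = sql.strip()
    if raw.endswith(";"):
        raw = raw[:-1].rstrip()
    if not raw:
        return False, "empty statement"
    if ";" in raw:
        return False, "multiple statements are not allowed"
    # Comments are stripped only to find the first keyword, never to exempt text.
    first = _WORD_RE.search(_COMMENT_RE.sub(" ", raw))
    if first is None or first.group().upper() not in _ALLOWED_FIRST:
        return False, "statement must start with SELECT or WITH"
    hit = next((w for w in _WORD_RE.findall(raw) if w.upper() in _FORBIDDEN), None)
    if hit is not None:
        return False, f"forbidden keyword: {hit.upper()}"
    return True, "ok"


def run_generated_sql(sql: str, execute):
    """Gate LLM output before handing it to the caller's DB function `execute`
    (assumed). Defense in depth: the connection should also use a read-only
    role that is not a member of pg_execute_server_program."""
    ok, reason = validate_generated_sql(sql)
    if not ok:
        raise ValueError(f"refusing LLM-generated SQL: {reason}")
    return execute(sql)
```

The denylist is deliberately incomplete and errs toward rejecting legitimate queries that merely mention a listed word; the database role's privileges remain the control that actually decides whether COPY FROM PROGRAM can run.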

Analysis (AI)

Prompt injection in SQLBot 1.7.0 and earlier allows authenticated attackers to execute arbitrary SQL statements through the Text2SQL chat interface, escalating to remote code execution when connected to PostgreSQL databases via COPY FROM PROGRAM. The vulnerability stems from unsanitized user input being directly concatenated into LLM prompts, with resulting SQL executed without validation. …


Remediation (AI)

Within 24 hours: identify all systems running SQLBot 1.7.0 or earlier and assess their PostgreSQL connectivity and data sensitivity. Within 7 days: apply the vendor-released patch, SQLBot 1.7.1, on all affected instances and validate it through testing. …


CVE-2026-33324 vulnerability details – vuln.today
