Docker CVE-2026-34825

HIGH
SQL Injection (CWE-89)
2026-04-01 https://github.com/nocobase/nocobase GHSA-vx58-fwwq-5g8j
8.5
CVSS 4.0

CVSS Vector (NVD)

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: High
  • User Interaction: None
  • Scope: X

Lifecycle Timeline

  • Analysis Generated: Apr 02, 2026 - 00:15 (vuln.today)
  • Patch released: Apr 02, 2026 - 00:15 (nvd). Patch available
  • CVE Published: Apr 01, 2026 - 23:44 (nvd). HIGH 8.5

Description (NVD)

Summary

NocoBase <= 2.0.8 plugin-workflow-sql substitutes template variables directly into raw SQL strings via getParsedValue() without parameterization or escaping. Any user who triggers a workflow containing a SQL node with template variables from user-controlled data can inject arbitrary SQL.

Affected Versions

  • Affected: all versions through 2.0.8

Details

The SQLInstruction in packages/plugins/@nocobase/plugin-workflow-sql/src/server/SQLInstruction.ts line 28 processes SQL templates:

```typescript
// SQLInstruction.ts:28
const sql = processor.getParsedValue(node.config.sql || '', node.id).trim();
```

Then executes the resulting string directly:

```typescript
// SQLInstruction.ts:35
const [result] = await collectionManager.db.sequelize.query(sql, {
  transaction: this.workflow.useDataSourceTransaction(dataSourceName, processor.transaction),
});
```

getParsedValue() performs simple string substitution of {{$context.data.fieldName}} placeholders with values from the workflow trigger data. No escaping, quoting, or parameterized binding is applied.

When an admin creates a SQL node with a template like:

```sql
SELECT * FROM users WHERE nickname = '{{$context.data.nickname}}'
```

Any user who triggers the workflow with a crafted value can break out of the string literal and inject arbitrary SQL.
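
The difference between substituting a trigger value into the SQL text and binding it as a parameter, as an added TypeScript example that is not NocoBase code or part of the advisory. `renderUnsafe` models the substitution described above; `renderAsParams`, `TriggerData` and the sample constants are hypothetical names introduced here, and the safe variant also refuses placeholders embedded in a longer string literal, where a bind marker would be read as plain text.

```typescript
// Added example, not NocoBase code. renderUnsafe models the substitution the
// advisory describes; renderAsParams is a hypothetical safer replacement.
type TriggerData = Record<string, unknown>;

const PLACEHOLDER = /\{\{\s*\$context\.data\.([A-Za-z_]\w*)\s*\}\}/g;
// Matches a placeholder wrapped in its own quotes first, then a bare one.
const QUOTED_OR_BARE = new RegExp(`'${PLACEHOLDER.source}'|${PLACEHOLDER.source}`, 'g');

// Vulnerable pattern: the value becomes part of the SQL text.
function renderUnsafe(template: string, data: TriggerData): string {
  return template.replace(PLACEHOLDER, (_m: string, field: string) => String(data[field] ?? ''));
}

// Parameterized pattern: placeholders become $1, $2, ... (Sequelize `bind` syntax)
// and the values travel separately, so they cannot change the statement.
function renderAsParams(template: string, data: TriggerData): { sql: string; bind: unknown[] } {
  const bind: unknown[] = [];
  const sql = template.replace(
    QUOTED_OR_BARE,
    (_m: string, quoted: string | undefined, bare: string | undefined, offset: number) => {
      // An odd number of quotes before the match means the placeholder sits inside
      // a longer literal ('%{{...}}%'); '$1' there would be plain text, so refuse.
      const quotesBefore = template.slice(0, offset).split("'").length - 1;
      if (quotesBefore % 2 === 1) {
        throw new Error(`placeholder inside string literal at offset ${offset}`);
      }
      bind.push(data[(quoted ?? bare) as string] ?? null);
      return `$${bind.length}`;
    },
  );
  return { sql, bind };
}

// Template and trigger value taken from the advisory's proof of concept.
const SAMPLE_TEMPLATE =
  "SELECT id, nickname, email FROM users WHERE nickname = '{{$context.data.nickname}}'";
const SAMPLE_DATA: TriggerData = { nickname: "' UNION SELECT 1,version(),current_user --" };

const unsafeSql = renderUnsafe(SAMPLE_TEMPLATE, SAMPLE_DATA); // statement text now contains the value
const safeQuery = renderAsParams(SAMPLE_TEMPLATE, SAMPLE_DATA); // text is fixed, value is in bind[0]
```

The `{ sql, bind }` pair has the shape that `sequelize.query(sql, { bind })` accepts, so the statement text is identical for every trigger value.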

Proof of Concept

  1. Log in as admin
  2. Create a collection-trigger workflow on the users table (mode: after create)
  3. Add a SQL node with:

```sql
SELECT id, nickname, email FROM users WHERE nickname = '{{$context.data.nickname}}'
```

  4. Enable the workflow
  5. Create a user with nickname set to: ' UNION SELECT 1,version(),current_user --
  6. Check execution result:

```json
[
  {
    "id": 1,
    "nickname": "PostgreSQL 16.13 (Debian 16.13-1.pgdg13+1) on x86_64-pc-linux-gnu...",
    "email": "nocobase"
  }
]
```

The injected UNION SELECT returned the database version and current database user.

Impact

Full database read/write access through SQL injection. An attacker who can trigger a workflow with a SQL node containing template variables from user-controlled data can extract credentials, modify records, or drop tables. The severity depends on the database user's privileges (full superuser access in the default Docker deployment).

Suggested Fix

Use parameterized queries. Replace direct string substitution with Sequelize bind parameters:

diff
// SQLInstruction.ts
- const sql = processor.getParsedValue(node.config.sql || '', node.id).trim();
+ const { sql, bind } = processor.getParsedValueAsParams(node.config.sql || '', node.id);
  const [result] = await collectionManager.db.sequelize.query(sql, {
+   bind,
    transaction: ...
  });
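
Review bot: the added `getParsedValueAsParams(...)` line no longer applies the `.trim()` that the removed `getParsedValue(...)` line did, and the helper itself is not part of this hunk, so how it treats existing templates cannot be reviewed here. Keep the trim on the returned `sql`, include the helper in the patch, and state what it does with templates that wrap the placeholder in quotes, as in the advisory's `nickname = '{{$context.data.nickname}}'` example: a bind marker left inside quotes is a string literal, not a parameter.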

Analysis (AI)

{{$context.data.fieldName}}) directly into raw SQL statements, enabling attackers to break out of string literals and inject malicious SQL commands. Publicly available exploit code exists demonstrating UNION-based injection to extract database credentials and system information. …

Remediation (AI)

Within 24 hours: Identify all NocoBase instances running plugin-workflow-sql version 2.0.8 or earlier and restrict workflow creation/modification permissions to trusted administrators only. Within 7 days: Upgrade NocoBase and plugin-workflow-sql to the latest patched version released by the vendor; verify patch application across all instances. …
