Severity by source
AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Network-reachable low-complexity SQLi, but a signed-up authenticated account is required so PR:L not PR:N; COPY TO PROGRAM executes OS commands beyond the DBMS, so scope changes with full C/I/A loss.
Primary rating from Vendor (GitHub_M).
CVSS VectorVendor: GitHub_M
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Lifecycle Timeline
4DescriptionCVE.org
NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to 2.0.61, NocoBase @nocobase/plugin-notification-in-app-message exposed GET /api/myInAppChannels:list, where the filter[latestMsgReceiveTimestamp][$lt] value was inserted into a Sequelize.literal() template string without escaping or parameter binding, allowing a signed-up authenticated user to run stacked PostgreSQL statements and potentially execute commands with COPY ... TO PROGRAM. This vulnerability is fixed in 2.0.61.
Articles & Coverage 1
AnalysisAI
SQL injection in NocoBase's @nocobase/plugin-notification-in-app-message (before 2.0.61) lets any signed-up authenticated user reach GET /api/myInAppChannels:list and inject into the filter[latestMsgReceiveTimestamp][$lt] parameter, which is concatenated into a Sequelize.literal() template with no escaping or parameter binding. Because PostgreSQL permits stacked statements through this sink, an attacker can run arbitrary SQL and escalate to operating-system command execution via COPY ... …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Requires a valid authenticated NocoBase account (any self-signed-up user; the description says 'signed-up authenticated user'), network reachability to the application, and a PostgreSQL backend that permits stacked statements. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The signals are mostly aligned toward high priority but contain one material conflict. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker registers an ordinary account on an internet-facing NocoBase instance, authenticates, and sends GET /api/myInAppChannels:list with a crafted filter[latestMsgReceiveTimestamp][$lt] payload that closes the intended clause and appends stacked SQL. They then issue COPY (SELECT '') TO PROGRAM '<shell command>' to run OS commands on the database host. … |
| Remediation | Vendor-released patch: 2.0.61 - upgrade NocoBase to 2.0.61 or later, which replaces the unsafe Sequelize.literal() concatenation with validated/parameterized handling and rejects non-numeric timestamp input (see the release at https://github.com/nocobase/nocobase/releases/tag/v2.0.61 and advisory GHSA-p849-8hwh-84j9). … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours, identify all NocoBase deployments and audit which versions run the @nocobase/plugin-notification-in-app-message plugin; implement network segmentation to restrict database access and deploy WAF rules blocking requests to /api/myInAppChannels:list containing filter parameters. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in PostgreSQL
View allPostgreSQL libpq functions PQescapeLiteral(), PQescapeIdentifier(), PQescapeString(), and PQescapeStringConn() improperl
An issue was discovered in Appsmith before 1.52. Rated critical severity (CVSS 9.8), this vulnerability is remotely expl
Argument injection vulnerability in PostgreSQL 9.2.x before 9.2.4, 9.1.x before 9.1.9, and 9.0.x before 9.0.13 allows re
Unauthenticated arbitrary file write in Splunk Enterprise (below 10.2.4 and 10.0.7) and Splunk Cloud Platform (below 10.
PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to incorrect authentication flaw allow
The build_tablename function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP through 5.6.7 does not validate t
A vulnerability in the h2oai/h2o-3 REST API versions 3.46.0.4 allows unauthenticated remote attackers to execute arbitra
In PostgreSQL 9.3 through 11.2, the "COPY TO/FROM PROGRAM" function allows superusers and users in the 'pg_execute_serve
## Summary An unauthenticated SQL injection vulnerability exists in the Vendure Shop API. A user-controlled query strin
Parse Server is an open source http web server backend. Rated critical severity (CVSS 10.0), this vulnerability is remot
Hard-coded default PostgreSQL credentials shipped in the docker-compose.yaml of langgenius Dify through version 1.5.1 al
A vulnerability in the FinanceChatLlamaPack of the run-llama/llama_index repository, versions up to v0.12.3, allows for
Same weakness CWE-89 – SQL Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-44802