EUVD-2026-12373
GHSA-6mj8-jmp2-g8q7
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Lifecycle Timeline
4Description
A flaw has been found in vanna-ai vanna up to 2.0.2. This impacts the function remove_training_data of the file src/vanna/legacy/google/bigquery_vector.py. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Analysis
SQL injection in Vanna AI's BigQuery integration (versions up to 2.0.2) allows unauthenticated remote attackers to manipulate the remove_training_data function through unsanitized ID parameters. Public exploit code exists for this vulnerability, and the vendor has not released a patch despite early notification. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify all systems running Vanna library versions ≤2.0.2 and isolate them from production networks or restrict access via network controls. Within 7 days: Implement Web Application Firewall (WAF) rules to block SQL injection patterns targeting the remove_training_data function endpoint, and disable the remove_training_data feature if not operationally critical. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today