Skip to main content

Coze Studio

1 CVEs product

Monthly

CVE-2026-7023 LOW POC Monitor

SQL injection in ByteDance coze-studio up to version 0.5.1 allows authenticated remote attackers to manipulate the ExecuteSQL function in the databaseTool component, enabling arbitrary SQL query execution with limited confidentiality and integrity impact. The vulnerability has a publicly available exploit and affects the backend database service layer; the vendor has not responded to disclosure efforts.

SQLi Coze Studio
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
EPSS 0% CVSS 2.1
LOW POC Monitor

SQL injection in ByteDance coze-studio up to version 0.5.1 allows authenticated remote attackers to manipulate the ExecuteSQL function in the databaseTool component, enabling arbitrary SQL query execution with limited confidentiality and integrity impact. The vulnerability has a publicly available exploit and affects the backend database service layer; the vendor has not responded to disclosure efforts.

SQLi Coze Studio
NVD VulDB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy