Pandasai
Monthly
Code injection in Sinaptik AI PandasAI versions up to 3.0.0 allows unauthenticated remote attackers to execute arbitrary code via the CodeExecutor.execute function in the Chat Message Handler component. CVSS 7.3 (High) with network attack vector, low complexity, and no authentication required. Publicly available exploit code exists (POC on GitHub Gist). EPSS data not provided, but the combination of unauthenticated remote execution and public exploit significantly elevates real-world risk. Vendor non-responsive to coordinated disclosure.
Path traversal in Sinaptik AI PandasAI up to version 3.0.0 allows remote unauthenticated attackers to read arbitrary files by manipulating the is_sql_query_safe function in the SQL sanitizer module. The vulnerability has a CVSS score of 5.3 (Medium) and public exploit code is available, though active exploitation has not been confirmed by CISA. The vendor did not respond to early disclosure notification.
SQL injection in the pandasai-lancedb extension of Sinaptik AI PandasAI, versions up to 0.1.4, allows unauthenticated remote attackers to manipulate database operations. Six functions in lancedb.py (delete_question_and_answers, delete_docs, update_question_answer, update_docs, get_relevant_question_answers_by_id, get_relevant_docs_by_id) are vulnerable to SQL injection. Publicly available exploit code exists (CVSS 7.3, EPSS data not provided). The vendor has not responded to disclosure attempts.
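The bug class behind the lancedb.py advisory above, shown as an added example that is not the project's code: an id taken from a caller is interpolated into a filter string, so the caller can rewrite the filter. The demo runs on an in-memory sqlite3 stand-in rather than LanceDB, the table and rows are constructed, the injection payload is constructed, and the function names mirror the page's delete_docs only as labels. LanceDB's delete/update/where APIs take a SQL-style filter string rather than bind parameters, so the parameterized variant applies to engines that support binding and the allowlist validator is the hardening that applies to filter-string-only APIs.

```python
"""Added example (not PandasAI or pandasai-lancedb code): filter-string
injection reproduced on sqlite3 as a stand-in for LanceDB.

Constructed for the demo: the docs table, its three rows, and the payload.
"""
import re
import sqlite3


def make_db():
    """Constructed sample table: three documents keyed by a text id."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE docs (id TEXT PRIMARY KEY, text TEXT)")
    conn.executemany(
        "INSERT INTO docs VALUES (?, ?)",
        [("doc-1", "quarterly report"),
         ("doc-2", "onboarding guide"),
         ("doc-3", "incident runbook")],
    )
    conn.commit()
    return conn


def delete_docs_unsafe(conn, doc_id):
    """Vulnerable pattern: the caller's value is spliced into the filter,
    so quotes in doc_id change the WHERE clause itself."""
    conn.execute(f"DELETE FROM docs WHERE id = '{doc_id}'")
    conn.commit()


def delete_docs_parameterized(conn, doc_id):
    """Hardened form for engines with bind parameters: the value is passed
    out of band and can never be parsed as SQL."""
    conn.execute("DELETE FROM docs WHERE id = ?", (doc_id,))
    conn.commit()


# Allowlist for ids (assumed id format: letters, digits, '_' and '-').
ID_PATTERN = re.compile(r"^[A-Za-z0-9_\-]{1,64}$")


def validate_id(doc_id):
    """Hardened form for filter-string-only APIs: reject anything outside a
    strict allowlist before it is interpolated, instead of trying to escape."""
    if not isinstance(doc_id, str) or not ID_PATTERN.match(doc_id):
        raise ValueError(f"rejected id: {doc_id!r}")
    return doc_id


def delete_docs_validated(conn, doc_id):
    safe = validate_id(doc_id)
    conn.execute(f"DELETE FROM docs WHERE id = '{safe}'")
    conn.commit()


def count_docs(conn):
    return conn.execute("SELECT COUNT(*) FROM docs").fetchone()[0]


def demo():
    """Run the same constructed payload through all three variants and
    report how many of the three rows survive each one."""
    payload = "doc-1' OR '1'='1"  # constructed: closes the quote, adds a tautology
    results = {}

    conn = make_db()
    delete_docs_unsafe(conn, payload)
    results["unsafe"] = count_docs(conn)            # every row deleted

    conn = make_db()
    delete_docs_parameterized(conn, payload)
    results["parameterized"] = count_docs(conn)     # no row has that literal id

    conn = make_db()
    try:
        delete_docs_validated(conn, payload)
        results["validated"] = count_docs(conn)
    except ValueError:
        results["validated"] = "rejected"           # never reaches the database
    return results


if __name__ == "__main__":
    for variant, outcome in demo().items():
        print(f"{variant:14} rows left or outcome: {outcome}")
```

The get_relevant_*_by_id and update_* functions named in the advisory take the same kind of caller-supplied id, so the same two fixes apply: bind the value where the engine allows it, otherwise validate it against a strict pattern before it touches the filter string.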
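A triage check for the three advisories on this page, added here as an example and not taken from the vendor: it reads the installed versions of the core package and the LanceDB extension and flags them against the affected ranges quoted above. Assumptions not stated on the page: "up to X" is read as "at or below X", no fixed release is known so nothing above the bound is assumed safe either way, and the extension's distribution name is taken to be pandasai-lancedb.

```python
"""Added example (not PandasAI code): flag installed versions that fall in
the affected ranges quoted in the advisories above.

Assumptions: "up to X" means "<= X"; the distribution names are
"pandasai" and "pandasai-lancedb"; no fixed release is known.
"""
import re
from importlib import metadata

# Affected upper bounds as quoted on this page.
AFFECTED = {
    "pandasai": "3.0.0",          # code injection, path traversal
    "pandasai-lancedb": "0.1.4",  # SQL injection in lancedb.py
}


def parse_version(v):
    """Turn '3.0.0', '3.0', '3.0.0b1' or '0.1.4.post1' into a comparable key.
    Numeric components compare first; a pre-release suffix (a, b, rc, alpha,
    beta, dev) sorts below the bare release, which matches PEP 440 for the
    common cases. Post-releases compare equal to the release (conservative)."""
    m = re.match(r"^(\d+(?:\.\d+)*)(.*)$", v.strip())
    if not m:
        raise ValueError(f"unparseable version: {v!r}")
    nums = tuple(int(x) for x in m.group(1).split("."))
    nums = nums + (0,) * max(0, 3 - len(nums))   # 3.0 == 3.0.0
    is_pre = bool(re.match(r"^[.\-_]?(a|b|rc|alpha|beta|dev)", m.group(2), re.I))
    return (nums, 0 if is_pre else 1)


def is_affected(installed, max_affected):
    """True when installed <= max_affected under the ordering above."""
    return parse_version(installed) <= parse_version(max_affected)


def triage(installed_versions=None):
    """Return {package: (installed_version_or_None, affected_bool)}.
    installed_versions, when given, replaces the live environment lookup so
    the check can be run against a recorded inventory."""
    result = {}
    for pkg, bound in AFFECTED.items():
        if installed_versions is not None:
            ver = installed_versions.get(pkg)
        else:
            try:
                ver = metadata.version(pkg)
            except metadata.PackageNotFoundError:
                ver = None
        result[pkg] = (ver, ver is not None and is_affected(ver, bound))
    return result


if __name__ == "__main__":
    for pkg, (ver, hit) in triage().items():
        if ver is None:
            status = "not installed"
        elif hit:
            status = "AFFECTED (<= " + AFFECTED[pkg] + ")"
        else:
            status = "above quoted affected range"
        print(f"{pkg:18} {ver or '-':10} {status}")
```

Because the vendor has not responded and the page lists no fixed release, a version above the quoted bound only means the advisory does not cover it; the lancedb.py filter construction and the CodeExecutor.execute path still deserve a code-level look before such a version is treated as safe.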