
Proxysql

3 CVEs for this product

CVE-2026-48774 HIGH PATCH This Week

Improper input validation in ProxySQL versions 3.0.0 through 3.0.8 lets MCP callers bypass the GenAI `run_sql_readonly` tool's read-only contract by submitting multi-statement payloads such as `SELECT 1; RENAME TABLE x TO y`, which execute in full because the backend connection enables `CLIENT_MULTI_STATEMENTS`. An attacker reaching the `/mcp/query` endpoint can perform writes and administrative SQL up to the privileges of the configured MCP backend account. No public exploit identified at time of analysis, though the upstream advisory documents a successful live test against the endpoint.

Tags: Information Disclosure, PostgreSQL, Proxysql
References: NVD, GitHub, VulDB
CVSS 3.1: 7.5 | EPSS: 0.2%
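The bypass above works because the guard looks only at the leading keyword while the backend connection will happily run everything after the first `;`. The following is an added example, not ProxySQL's code or the GenAI tool's implementation: it contrasts that naive check with a guard that splits on statement separators using MySQL lexical rules (quotes, backslash escapes, `--`, `#` and `/* */` comments) and admits exactly one read-only statement. The function names, the allowlist and the sample queries are this example's own.

```python
"""Read-only guard for an MCP "run SQL" tool (added example, not ProxySQL code).

Shows why checking only the first keyword fails once the backend connection
has CLIENT_MULTI_STATEMENTS enabled, and a stricter guard that admits exactly
one read-only statement. Function names and the allowlist are this example's own.
"""
import re

# Leading keywords treated as read-only. WITH is deliberately absent: a CTE
# can prefix UPDATE/DELETE in MySQL, so admitting it needs a real parser.
READ_ONLY_KEYWORDS = {"SELECT", "SHOW", "EXPLAIN", "DESCRIBE", "DESC"}
FILE_WRITE = re.compile(r"\bINTO\s+(OUTFILE|DUMPFILE)\b", re.IGNORECASE)


def naive_is_readonly(sql: str) -> bool:
    """The insufficient check: only the first keyword is inspected, so
    'SELECT 1; RENAME TABLE x TO y' passes and the server runs both."""
    return sql.lstrip().upper().startswith(tuple(READ_ONLY_KEYWORDS))


def split_statements(sql: str) -> list[str]:
    """Split on ';' characters that sit outside quoted strings, backtick
    identifiers and comments (MySQL rules: backslash escapes, '-- ', '#', '/* */')."""
    stmts, cur, i, n = [], [], 0, len(sql)
    while i < n:
        c = sql[i]
        if c in "'\"`":                       # quoted string or identifier
            cur.append(c)
            i += 1
            while i < n:
                cur.append(sql[i])
                if sql[i] == "\\" and c != "`" and i + 1 < n:
                    cur.append(sql[i + 1])    # escaped char stays inside the quote
                    i += 2
                    continue
                i += 1
                if sql[i - 1] == c:           # closing quote
                    break
            continue
        if c == "#" or (sql.startswith("--", i) and (i + 2 == n or sql[i + 2] in " \t\n")):
            j = sql.find("\n", i)             # line comment: drop to end of line
            i = n if j < 0 else j
            continue
        if sql.startswith("/*", i):
            j = sql.find("*/", i + 2)         # block comment: drop it
            i = n if j < 0 else j + 2
            continue
        if c == ";":                          # top-level statement separator
            stmts.append("".join(cur))
            cur = []
            i += 1
            continue
        cur.append(c)
        i += 1
    stmts.append("".join(cur))
    return [s.strip() for s in stmts if s.strip()]


def strict_is_readonly(sql: str) -> bool:
    """Admit exactly one statement whose leading keyword is read-only, that does
    not write files, and that carries no /*! */ version comment (MySQL executes
    the SQL inside those, so they are refused rather than stripped)."""
    if "/*!" in sql:
        return False
    stmts = split_statements(sql)
    if len(stmts) != 1:
        return False                          # empty, or a multi-statement payload
    if FILE_WRITE.search(stmts[0]):
        return False
    first = re.match(r"[A-Za-z]+", stmts[0])
    return bool(first) and first.group(0).upper() in READ_ONLY_KEYWORDS


if __name__ == "__main__":
    payload = "SELECT 1; RENAME TABLE x TO y"   # the advisory's shape of payload
    print("naive :", naive_is_readonly(payload))
    print("strict:", strict_is_readonly(payload))
```

Even the strict guard is defence in depth, not the fix: a `SELECT` can call a stored function with side effects, so the real controls are a backend account holding only `SELECT` privileges and a backend connection opened without `CLIENT_MULTI_STATEMENTS`.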
CVE-2026-48772 CRITICAL PATCH Act Now

Source-address spoofing in ProxySQL 2.0.0 through 3.0.8 lets any TCP peer that can reach the MySQL frontend port forge the client IP seen by the query-rule engine, bypassing routing and ACL controls. The flaw stems from incorrect parsing of the HAProxy PROXY protocol v1 `UNKNOWN` token, whose address fields the specification requires receivers to ignore. No public exploit identified at time of analysis, but the vendor advisory describes the attack mechanics in detail and version 3.0.9 ships the fix.

Tags: Authentication Bypass, PostgreSQL, Proxysql
References: NVD, GitHub, VulDB
CVSS 3.1: 10.0 | EPSS: 0.2%
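To see how the `UNKNOWN` token is abused, the following added example (not ProxySQL's parser) contrasts a lenient PROXY v1 parse that takes the third field as the client address whatever the family token says with a strict parse that follows the specification: after `UNKNOWN` everything up to CRLF is ignored and the connection keeps the TCP peer's own address. It also shows the deployment check that matters most here, honouring the header only from configured proxy networks. Function names, the trusted-network list and the sample headers are constructed for this example.

```python
"""PROXY protocol v1 handling (added example, not ProxySQL's parser).

Contrasts a lenient parse that trusts the address fields regardless of the
family token with a strict one that follows the spec: after UNKNOWN every
field up to CRLF is ignored. Names and sample data are this example's own.
"""
import ipaddress

MAX_V1_LINE = 107   # longest valid v1 header including CRLF (TCP6, full addresses)

# Constructed samples: a forged UNKNOWN line and a legitimate TCP4 line.
SPOOFED_UNKNOWN = b"PROXY UNKNOWN 10.0.0.5 10.0.0.1 1111 3306\r\n"
LEGIT_TCP4 = b"PROXY TCP4 198.51.100.7 10.0.0.1 40000 3306\r\n"
# Assumed deployment: only proxies in this network may assert client addresses.
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/8")]


class ProxyHeaderError(ValueError):
    pass


def client_ip_lenient(line: bytes, peer_ip: str) -> str:
    """Flawed pattern: the third field becomes the client address no matter
    what the family token says, so an UNKNOWN line spoofs the source."""
    parts = line.rstrip(b"\r\n").decode("ascii").split(" ")
    if parts[0] != "PROXY" or len(parts) < 3:
        raise ProxyHeaderError("not a PROXY v1 line")
    return parts[2]


def client_ip_strict(line: bytes, peer_ip: str) -> str:
    """Address the query-rule engine should see for this connection."""
    if len(line) > MAX_V1_LINE or not line.endswith(b"\r\n"):
        raise ProxyHeaderError("bad length or terminator")
    parts = line[:-2].decode("ascii").split(" ")
    if len(parts) < 2 or parts[0] != "PROXY":
        raise ProxyHeaderError("not a PROXY v1 line")
    family = parts[1]
    if family == "UNKNOWN":
        # Spec: the receiver MUST ignore anything after UNKNOWN up to CRLF.
        # The proxy could not determine the origin, so the only address we
        # know for this connection is the peer that sent the header.
        return peer_ip
    if family not in ("TCP4", "TCP6") or len(parts) != 6:
        raise ProxyHeaderError("malformed header")
    src, dst, sport, dport = parts[2:6]
    want = 4 if family == "TCP4" else 6
    for addr in (src, dst):
        if ipaddress.ip_address(addr).version != want:   # raises ValueError if not an IP
            raise ProxyHeaderError("address family mismatch")
    for port in (sport, dport):
        if not port.isdigit() or not 0 <= int(port) <= 65535:
            raise ProxyHeaderError("bad port")
    return src


def resolve_client_ip(line: bytes, peer_ip: str, trusted_nets) -> str:
    """Only a configured proxy may assert a client address. Any other peer
    reaching the frontend port is identified by its own address, and a PROXY
    line it sends is simply not honoured (it will then fail protocol parsing)."""
    peer = ipaddress.ip_address(peer_ip)
    if not any(peer in net for net in trusted_nets):
        return peer_ip
    return client_ip_strict(line, peer_ip)


def rejects(line: bytes, peer_ip: str = "10.0.0.9") -> bool:
    """True if the strict parser refuses the line (helper for checks below)."""
    try:
        client_ip_strict(line, peer_ip)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print("lenient:", client_ip_lenient(SPOOFED_UNKNOWN, "203.0.113.9"))
    print("strict :", client_ip_strict(SPOOFED_UNKNOWN, "203.0.113.9"))
```

With the lenient parse the forged line yields `10.0.0.5`, an address the attacker never held; with the strict parse the engine keeps seeing `203.0.113.9`, the real TCP peer, so IP-keyed query rules and ACLs are evaluated against the address the attacker actually connects from.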
CVE-2026-48773 CRITICAL PATCH Act Now

Pre-authentication heap memory corruption in ProxySQL 2.0.18 through 3.0.8 lets a remote unauthenticated attacker send a crafted first packet whose declared length is passed directly to recv() into a fixed 32 KB input queue, on both the MySQL and PostgreSQL protocol listeners. The flaw carries a CVSS 9.8 rating and is fixed in 3.0.9; no public exploit identified at time of analysis, but the trivial trigger condition and out-of-bounds write primitive create strong potential for weaponization.

Tags: Buffer Overflow, PostgreSQL, Memory Corruption, Proxysql
References: NVD, GitHub, VulDB
CVSS 3.1: 9.8 | EPSS: 0.4%
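The trigger is the gap between a length the client declares and the space the listener actually has. The following added example (not ProxySQL's code) models it for the MySQL wire format, whose packet header is a 3-byte little-endian payload length plus a sequence id: the vulnerable path hands that attacker-chosen length to recv() on a fixed 32 KB queue, while the hardened path refuses a first packet the queue cannot hold before any bytes are received. `FakeSocket`, `FixedQueue`, the 32 KB size taken from the advisory, and the sample packets are constructed for this example; the simulated queue reports the out-of-bounds write that in C would silently corrupt the heap.

```python
"""Packet-length handling at a MySQL-style listener (added example, not
ProxySQL code). A MySQL packet starts with a 4-byte header: 3-byte
little-endian payload length and a sequence id. The vulnerable pattern passes
that attacker-chosen length straight to recv() on a fixed-size queue; the
hardened one rejects, before authentication, a first packet that could not
fit. Queue size follows the advisory's 32 KB; everything else is constructed.
"""

QUEUE_SIZE = 32 * 1024

# Constructed: header declares 0x100000 (1 MiB) payload, 40,000 bytes follow.
CRAFTED = bytes([0x00, 0x00, 0x10, 0x00]) + b"A" * 40_000
# Constructed: a well-formed 5-byte packet with sequence id 1.
BENIGN = b"\x05\x00\x00\x01hello"


def parse_header(hdr: bytes) -> tuple[int, int]:
    """Return (payload_length, sequence_id) from a 4-byte MySQL packet header."""
    if len(hdr) != 4:
        raise ValueError("short header")
    return hdr[0] | (hdr[1] << 8) | (hdr[2] << 16), hdr[3]


class FakeSocket:
    """Stands in for a connected socket: recv(n) returns up to n bytes."""
    def __init__(self, wire: bytes):
        self.wire = wire

    def recv(self, n: int) -> bytes:
        chunk, self.wire = self.wire[:n], self.wire[n:]
        return chunk


class FixedQueue:
    """Models a heap-allocated input queue of fixed size. In C, recv() into
    queue+used with a count larger than the free space writes past the
    allocation; here that condition is detected and reported as -1."""
    def __init__(self, size: int = QUEUE_SIZE):
        self.buf = bytearray(size)
        self.used = 0

    def free(self) -> int:
        return len(self.buf) - self.used

    def append(self, data: bytes) -> int:
        if len(data) > self.free():
            return -1                      # the out-of-bounds heap write
        self.buf[self.used:self.used + len(data)] = data
        self.used += len(data)
        return len(data)


def read_first_packet(sock: FakeSocket, queue: FixedQueue, hardened: bool) -> tuple[str, int]:
    """Read the first client packet; returns (status, byte count)."""
    length, _seq = parse_header(sock.recv(4))
    if hardened and length > queue.free():
        # Before authentication the first packet is the handshake response,
        # which fits comfortably; a declared length the queue cannot hold is
        # refused without ever asking recv() for it.
        return "rejected", length
    # Vulnerable path: recv() is asked for the attacker's full declared
    # length and the result lands in the fixed queue.
    got = queue.append(sock.recv(length))
    return ("ok", got) if got >= 0 else ("oob-write", length)


if __name__ == "__main__":
    print("vulnerable:", read_first_packet(FakeSocket(CRAFTED), FixedQueue(), hardened=False))
    print("hardened  :", read_first_packet(FakeSocket(CRAFTED), FixedQueue(), hardened=True))
```

The same rule applies to the PostgreSQL listener, where a message's leading 4-byte big-endian length counts itself: the count handed to recv() must be bounded by the queue's free space, never by the client's header, and anything larger is either read in bounded chunks after authentication or refused outright before it.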
