Vanna
Missing authentication in the vanna-ai vanna Chat API endpoint (/api/vanna/v2/) allows unauthenticated remote attackers to perform unauthorized operations with a low-complexity attack. Affects vanna-ai vanna versions up to 2.0.2. Publicly available exploit code exists (a GitHub proof of concept has been published), increasing the immediate exploitation risk. The CVSS score of 7.3 reflects a network-accessible attack vector with no authentication required and impacts on confidentiality, integrity, and availability. The vendor did not respond to the early disclosure notification. Deployments that expose this endpoint beyond a trusted network should put it behind an authenticating reverse proxy until a fixed release is available.
SQL injection in vanna-ai vanna versions up to 2.0.2 allows authenticated remote attackers to manipulate the ask function in vanna/legacy/base/base.py, potentially enabling data exfiltration or modification. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early notification. Because the ask path hands generated SQL to the configured database, the privileges of the database account vanna connects with bound the impact: a read-only, least-privilege account is the practical interim mitigation.
A code injection vulnerability exists in vanna-ai vanna up to version 2.0.2, specifically in the exec function of the /src/vanna/legacy file. This authenticated remote code injection allows attackers with login credentials to execute arbitrary code, with limited impact on confidentiality, integrity, and availability. A proof-of-concept exploit has been publicly disclosed on GitHub, and the vendor has not responded to early disclosure notifications, making this an active concern for deployed instances. Note that the authentication required here is exactly what the Chat API endpoint above fails to enforce, so the two issues should be assessed together rather than in isolation.
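The SQL injection entry above turns on a single fact: model-generated SQL reaches the database with whatever privileges the connection has. The following is an added example written for this page, not vanna's own code, showing the two controls a deployer can put in front of that path today: a guard that only lets a single SELECT statement through, and a read-only database connection that refuses writes even if the guard is bypassed. The sample table, the `customers` rows and the helper names (`guard_generated_sql`, `ReadOnlyRunner`, `demo`) are constructed for the example and are assumptions; the code targets SQLite so it runs offline.

```python
import os
import re
import sqlite3
import tempfile

# Hypothetical guard, not part of vanna. Strips SQL comments, then refuses
# anything that is not exactly one SELECT statement before it reaches the DB.
_COMMENT_RE = re.compile(r"--[^\n]*|/\*.*?\*/", re.S)


class RejectedSQL(ValueError):
    """Raised when generated SQL fails the read-only policy."""


def guard_generated_sql(sql: str) -> str:
    cleaned = _COMMENT_RE.sub(" ", sql).strip().rstrip(";").strip()
    # Conservative: a ';' inside a string literal is also rejected. Stacked
    # queries are the classic way a generated SELECT becomes a DROP/UPDATE.
    if ";" in cleaned:
        raise RejectedSQL("stacked statements are not allowed")
    # Only plain SELECT is allowed. WITH is deliberately excluded because on
    # PostgreSQL a CTE can wrap INSERT/UPDATE/DELETE; the read-only connection
    # below is the control that actually holds if this check is too loose.
    if not re.match(r"(?is)^select\b", cleaned):
        raise RejectedSQL("only read-only SELECT statements are allowed")
    return cleaned


class ReadOnlyRunner:
    """Runs guarded SQL over a read-only SQLite connection (defense in depth)."""

    def __init__(self, db_path: str):
        # mode=ro makes SQLite itself reject writes, independent of the guard.
        self.conn = sqlite3.connect(f"file:{db_path}?mode=ro", uri=True)

    def run(self, generated_sql: str):
        return self.conn.execute(guard_generated_sql(generated_sql)).fetchall()

    def close(self):
        self.conn.close()


def build_demo_db() -> str:
    """Constructed sample data for the example; not taken from the advisory."""
    fd, path = tempfile.mkstemp(suffix=".db")
    os.close(fd)
    conn = sqlite3.connect(path)
    conn.execute("CREATE TABLE customers(id INTEGER PRIMARY KEY, name TEXT, balance INTEGER)")
    conn.executemany(
        "INSERT INTO customers(name, balance) VALUES (?, ?)",
        [("alice", 100), ("bob", 250)],
    )
    conn.commit()
    conn.close()
    return path


def demo() -> dict:
    """Feeds benign and hostile 'generated' SQL through both controls."""
    path = build_demo_db()
    runner = ReadOnlyRunner(path)
    results = {}
    results["benign"] = runner.run("SELECT name FROM customers WHERE balance > 150")
    hostile = {
        # A generated SELECT with a stacked destructive statement appended.
        "stacked": "SELECT name FROM customers; DROP TABLE customers",
        # A write disguised behind a trailing comment.
        "write": "UPDATE customers SET balance = 0 -- looks harmless",
    }
    for label, sql in hostile.items():
        try:
            runner.run(sql)
            results[label] = "executed"
        except RejectedSQL as exc:
            results[label] = f"rejected: {exc}"
    # Simulate a guard bypass: go straight to the connection. The read-only
    # mode still refuses the write, which is why it is the load-bearing control.
    try:
        runner.conn.execute("UPDATE customers SET balance = 0")
        results["bypass"] = "executed"
    except sqlite3.OperationalError:
        results["bypass"] = "blocked by read-only connection"
    runner.close()
    os.unlink(path)
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The regex check is a cheap first filter, not a parser; the property that actually holds under a determined attacker is the read-only connection (or, for server databases, a database role with SELECT-only grants). Keep the authenticating layer in front of the Chat API in place as well, since the SQL path is only reachable once the request gets through.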