Vanna
Monthly
Server-side request forgery in Vanna AI versions up to 2.0.2 allows unauthenticated remote attackers to manipulate the update_sql and run_sql endpoints in the Flask component. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early notification.
SQL injection in Vanna up to version 2.0.2 allows authenticated remote attackers to execute arbitrary SQL queries through the update_sql endpoint function. Public exploit code exists for this vulnerability, and the vendor has not released a patch despite early notification. An authenticated attacker can leverage this to read, modify, or delete database contents depending on the application's database permissions.
SQL injection in Vanna AI's BigQuery integration (versions up to 2.0.2) allows unauthenticated remote attackers to manipulate the remove_training_data function through unsanitized ID parameters. Public exploit code exists for this vulnerability, and the vendor has not released a patch despite early notification. Successful exploitation enables attackers to read, modify, or delete database contents with limited impact on confidentiality, integrity, and availability.
Server-side request forgery in Vanna AI versions up to 2.0.2 allows unauthenticated remote attackers to manipulate the update_sql and run_sql endpoints in the Flask component. Public exploit code exists for this vulnerability, and no patch is currently available from the vendor despite early notification.
SQL injection in Vanna up to version 2.0.2 allows authenticated remote attackers to execute arbitrary SQL queries through the update_sql endpoint function. Public exploit code exists for this vulnerability, and the vendor has not released a patch despite early notification. An authenticated attacker can leverage this to read, modify, or delete database contents depending on the application's database permissions.
SQL injection in Vanna AI's BigQuery integration (versions up to 2.0.2) allows unauthenticated remote attackers to manipulate the remove_training_data function through unsanitized ID parameters. Public exploit code exists for this vulnerability, and the vendor has not released a patch despite early notification. Successful exploitation enables attackers to read, modify, or delete database contents with limited impact on confidentiality, integrity, and availability.