{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-32950", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-17T00:05:53.284Z", "datePublished": "2026-03-20T04:14:45.640Z", "dateUpdated": "2026-03-20T04:14:45.640Z"}, "containers": {"cna": {"title": "SQLBot: RCE via SQL Injection in Excel Upload Endpoint", "problemTypes": [{"descriptions": [{"cweId": "CWE-89", "lang": "en", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-78", "lang": "en", "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 8.6, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/dataease/SQLBot/security/advisories/GHSA-7hww-8rj5-7rmm", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/dataease/SQLBot/security/advisories/GHSA-7hww-8rj5-7rmm"}, {"name": "https://github.com/dataease/SQLBot/commit/39f2203cec4bb4b0aa541710733fe7608e3d3c48", "tags": ["x_refsource_MISC"], "url": "https://github.com/dataease/SQLBot/commit/39f2203cec4bb4b0aa541710733fe7608e3d3c48"}, {"name": "https://github.com/dataease/SQLBot/releases/tag/v1.7.0", "tags": ["x_refsource_MISC"], "url": "https://github.com/dataease/SQLBot/releases/tag/v1.7.0"}], "affected": [{"vendor": "dataease", "product": "SQLBot", "versions": [{"version": "< 1.7.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-20T04:14:45.640Z"}, "descriptions": [{"lang": "en", "value": "SQLBot is an intelligent data query system based on a large language model and RAG. Versions prior to 1.7.0 contain a critical SQL Injection vulnerability in the /api/v1/datasource/uploadExcel endpoint that enables Remote Code Execution (RCE), allowing any authenticated user (even the lowest-privileged) to fully compromise the backend server. The root cause is twofold: Excel Sheet names are concatenated directly into PostgreSQL table names without sanitization (datasource.py#L351), and those table names are embedded into COPY SQL statements via f-strings instead of parameterized queries (datasource.py#L385-L388). An attacker can bypass the 31-character Sheet name limit using a two-stage technique\u2014first uploading a normal file whose data rows contain shell commands, then uploading an XML-tampered file whose Sheet name injects a TO PROGRAM 'sh' clause into the SQL. Confirmed impacts include arbitrary command execution as the postgres user (uid=999), sensitive file exfiltration (e.g., /etc/passwd, /etc/shadow), and complete PostgreSQL database takeover. This issue has been fixed in version 1.7.0."}], "source": {"advisory": "GHSA-7hww-8rj5-7rmm", "discovery": "UNKNOWN"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "SQLBot is an intelligent data query system based on a large language model and RAG. Versions prior to 1.7.0 contain a critical SQL Injection vulnerability in the /api/v1/datasource/uploadExcel endpoint that enables Remote Code Execution (RCE), allowing any authenticated user (even the lowest-privileged) to fully compromise the backend server. The root cause is twofold: Excel Sheet names are concatenated directly into PostgreSQL table names without sanitization (datasource.py#L351), and those table names are embedded into COPY SQL statements via f-strings instead of parameterized queries (datasource.py#L385-L388). An attacker can bypass the 31-character Sheet name limit using a two-stage technique\u2014first uploading a normal file whose data rows contain shell commands, then uploading an XML-tampered file whose Sheet name injects a TO PROGRAM 'sh' clause into the SQL. Confirmed impacts include arbitrary command execution as the postgres user (uid=999), sensitive file exfiltration (e.g., /etc/passwd, /etc/shadow), and complete PostgreSQL database takeover. This issue has been fixed in version 1.7.0."}], "id": "CVE-2026-32950", "lastModified": "2026-03-20T13:37:50.737", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2026-03-20T05:16:14.553", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/dataease/SQLBot/commit/39f2203cec4bb4b0aa541710733fe7608e3d3c48"}, {"source": "security-advisories@github.com", "url": "https://github.com/dataease/SQLBot/releases/tag/v1.7.0"}, {"source": "security-advisories@github.com", "url": "https://github.com/dataease/SQLBot/security/advisories/GHSA-7hww-8rj5-7rmm"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}, {"lang": "en", "value": "CWE-89"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.7.0)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "SQLBot", "source": "cna", "vendor": "dataease"}, "product": "sqlbot", "vendor": "dataease"}], "analysis": {"en": {"generated_at": "2026-03-20T05:21:31.928644+00:00", "value": {"mitigation_remediation": ["Apply vendor patch to version 1.7.0 or later of SQLBot.", "Verify that the latest version is installed and that the /api/v1/datasource/uploadExcel endpoint is no longer vulnerable.", "If unable to upgrade immediately, restrict or disable the uploadExcel API for untrusted users until a patch is applied.", "Monitor for any unusual execution or database activity and review logs for signs of exploitation."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "DataEase SQLBot is affected. All releases prior to version 1.7.0 contain the vulnerability. The issue was identified and fixed in the 1.7.0 release.", "description_and_impact": "SQLBot, an intelligent data query system, contains a severe SQL injection vulnerability in its Excel upload API. The flaw allows any authenticated user to craft a malicious Excel file whose sheet names are inserted directly into PostgreSQL table names and subsequently included in COPY statements via f\u2011strings. This unfiltered input enables attackers to inject a \u2018TO PROGRAM\u2019 clause that executes arbitrary shell commands on the backend database server. The impact is remote code execution, permitting attackers to run commands as the PostgreSQL user, exfiltrate files such as /etc/passwd, /etc/shadow, and ultimately achieve full control of the database and underlying system.", "risk_and_exploitability": "The CVSS v3 score is 8.6, indicating high severity. EPSS data is not available, and the vulnerability is not listed in the CISA KEV catalog, but the lack of a public exploit does not mitigate the risk. Attackers need only have legitimate authentication to the API and can upload two specially crafted files\u2014first a normal file with malicious data rows, then an XML\u2011modified file with a Sheet name that injects the TO PROGRAM clause\u2014to bypass the 31\u2011character limit and trigger execution. The exploit path is straightforward for someone with API access, making the risk and exploitability significant."}}}}, "created": "2026-03-20T08:52:40.678513+00:00", "updated": "2026-03-20T10:37:22.459525+00:00", "vendors": ["dataease", "dataease$PRODUCT$sqlbot"]}