{"data":{"id":"1b56868d-1a78-4cf2-ae0c-e967d2b202b4","title":"Words Become SQL: Securing AI Assistants That Talk to Databases","summary":"The article demonstrates how attackers can use crafted prompts to trick AI assistants into running harmful database queries through prompt-to-SQL injection attacks (where malicious instructions hidden in user input cause an AI to generate dangerous database commands). It identifies vulnerabilities in real systems and describes practical defenses including query filtering, rewriting, data preloading, and using another AI model as a security guard.","solution":"The source mentions four explicit defenses: query filtering, query rewriting, data preloading, and large-language-model-based guards (using another AI model to validate or block dangerous queries).","labels":["security","research"],"sourceUrl":"http://ieeexplore.ieee.org/document/11359973","publishedAt":"2026-01-21T13:17:14.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"info","attackType":["prompt_injection"],"issueType":"research","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":[],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-01-21T13:17:14.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","confidentiality"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.92,"researchCategory":"peer_reviewed","atlasIds":null}}