{"data":{"id":"ed1b2a97-eecf-49a9-bc06-35168472ad77","title":"CVE-2026-33324: SQLBot is an intelligent Text-to-SQL system based on large language models and RAG. In versions 1.7.0 and earlier, the T","summary":"SQLBot is a Text-to-SQL system (software that converts natural language questions into SQL database queries) that uses large language models and RAG (retrieval-augmented generation, where the AI pulls in external data to help answer questions). In versions 1.7.0 and earlier, it has a prompt injection vulnerability (where an attacker hides malicious instructions in their input to trick the AI), because user questions are directly inserted into the AI prompt without filtering, and the resulting SQL commands are executed without checking if they're safe. An attacker with access can craft a malicious question to make the system run harmful SQL commands, potentially allowing remote code execution (the ability to run commands on a system they don't own) when using PostgreSQL.","solution":"This issue has been fixed in version 1.7.1.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-33324","publishedAt":"2026-05-05T20:16:36.317Z","cveId":"CVE-2026-33324","cweIds":["CWE-89"],"cvssScore":null,"cvssSeverity":null,"severity":"critical","attackType":["prompt_injection"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["SQLBot"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-05-05T20:16:36.317Z","capecIds":["CAPEC-66"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity","availability"],"aiComponentTargeted":"rag","llmSpecific":true,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":["AML.T0051"]}}