GHSA-8w32-6mrw-q5wv: WeKnora Vulnerable to Remote Code Execution via SQL Injection Bypass in AI Database Query Tool
Tags: critical, vulnerability, LLM-Specific, security
Summary
WeKnora, an AI database query tool, has a critical Remote Code Execution (RCE) vulnerability, meaning an attacker can run commands on a system they do not own. The cause is incomplete validation in its SQL injection protection system: the validation framework does not inspect PostgreSQL array expressions or row expressions, so an attacker can nest dangerous functions inside these expressions, bypass all seven security phases, and achieve arbitrary code execution on the database server.
Vulnerability Details
EPSS (30-day exploit probability): 0.2%
Classification
Attack Sophistication: Moderate
Impact (CIA+S): confidentiality, integrity, availability
Affected Vendors
Affected Packages
github.com/Tencent/WeKnora@<= 2.0.11
Original source: https://github.com/advisories/GHSA-8w32-6mrw-q5wv
First tracked: March 6, 2026 at 07:00 PM
Classified by LLM (prompt v3) · confidence: 92%