AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2026-32622: SQLBot is an intelligent data query system based on a large language model and RAG. Versions 1.5.0 and below contain a S

criticalvulnerabilityLLM-Specific

security

Source: NVD/CVE DatabaseMarch 19, 2026CVE-2026-32622

Summary

SQLBot, a data query system combining AI with RAG (retrieval-augmented generation, where an AI pulls in external documents to answer questions), has a critical vulnerability in versions 1.5.0 and below that chains three security gaps: missing permission checks on file uploads, unsanitized storage of user input, and inadequate protections when inserting data into the AI's instructions. An attacker can exploit this to trick the AI into running malicious database commands that give them control over the database server.

Solution / Mitigation

The issue is fixed in v1.6.0.

Vulnerability Details

EPSS (30-day exploit probability)

EPSS: 0.0%

Disclosure Date

March 19, 2026

Classification

Attack Type

Prompt Injection

Attack SophisticationModerate

Impact (CIA+S)

confidentialityintegrity

Taxonomy References

CWE (Weakness Type)

CWE-20 CWE-74 CWE-77 CWE-862

Affected Vendors

Related Issues

high

AI Kill Chain in Action: Devin AI Exposes Ports to the Internet with Prompt Injection

Similar attackEmbrace The Red

medium

CVE-2024-45989: Monica AI Assistant desktop application v2.3.0 is vulnerable to Exposure of Sensitive Information to an Unauthorized Act

First tracked: March 19, 2026 at 06:07 PM

Classified by LLM (prompt v3) · confidence: 95%