CVE-2026-33324: SQLBot is an intelligent Text-to-SQL system based on large language models and RAG. In versions 1.7.0 and earlier, the T
Summary
SQLBot is a Text-to-SQL system (software that converts natural language questions into SQL database queries) that uses large language models and RAG (retrieval-augmented generation, where the AI pulls in external data to help answer questions). In versions 1.7.0 and earlier, it has a prompt injection vulnerability (where an attacker hides malicious instructions in their input to trick the AI), because user questions are directly inserted into the AI prompt without filtering, and the resulting SQL commands are executed without checking if they're safe. An attacker with access can craft a malicious question to make the system run harmful SQL commands, potentially allowing remote code execution (the ability to run commands on a system they don't own) when using PostgreSQL.
Solution / Mitigation
This issue has been fixed in version 1.7.1.
Vulnerability Details
EPSS: 0.0%
May 5, 2026
Classification
Taxonomy References
Affected Vendors
Related Issues
CVE-2026-30308: In its design for automatic terminal command execution, HAI Build Code Generator offers two options: Execute safe comman
CVE-2026-40087: LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.84 and 1.2.28, LangChain's f-str
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-33324
First tracked: May 6, 2026 at 08:10 AM
Classified by LLM (prompt v3) · confidence: 95%