Description
pandas-ai v3.0.0 was discovered to contain a SQL injection vulnerability via the pandasai.agent.base._execute_sql_query component.
Published: 2026-04-01
Score: 7.3 High
EPSS: < 1% Very Low
KEV: No
Impact: SQL Injection
Action: Assess Impact
AI Analysis

Impact

pandas-ai version 3.0.0 contains a flaw in the _execute_sql_query component that permits arbitrary SQL injection. By supplying a crafted query string, an attacker can modify the database command executed, which can lead to unauthorized reading, updating, or deleting of data. The vulnerability is a classic example of CWE-89, where unsanitized input is used to compose database queries.

Affected Systems

The affected module is the pandasai library developed by Gabriele Eventuri, specifically version 3.0.0 for Python. Applications that import pandasai and expose the _execute_sql_query method to user-provided data are at risk. Any system that relies on this library to run database queries could be compromised if it does not validate or sanitize input properly.

Risk and Exploitability

The CVSS score of 7.3 indicates high severity, yet the EPSS score of less than 1% suggests that exploitation is currently unlikely. The vulnerability is not listed in the CISA KEV catalog. The likely attack vector is an attacker influencing the query string passed to _execute_sql_query; this vector is inferred from the description and is typical of web or service applications that accept user-sourced SQL statements.

Generated by OpenCVE AI on April 7, 2026 at 02:14 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade pandasai to a patched version once it becomes available; if no patch is released, consider removing or disabling any functionality that forwards client‑supplied SQL to the _execute_sql_query method.
  • Validate or sanitize all query strings before passing them to _execute_sql_query; use parameterized queries or an ORM to prevent injection.
  • Monitor the pandasai GitHub repository and associated security advisories for updates or additional guidance.

Advisories

No advisories yet.

History

Tue, 07 Apr 2026 08:00:00 +0000

Type | Values Removed | Values Added
Title | | SQL Injection via pandas-ai _execute_sql_query in v3.0.0

Tue, 07 Apr 2026 00:00:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Gabrieleventuri
 | | Gabrieleventuri pandasai
CPEs | | cpe:2.3:a:gabrieleventuri:pandasai:*:*:*:*:*:python:*:*
Vendors & Products | | Gabrieleventuri
 | | Gabrieleventuri pandasai

Fri, 03 Apr 2026 10:15:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Sinaptik-ai
 | | Sinaptik-ai pandas-ai
Vendors & Products | | Sinaptik-ai
 | | Sinaptik-ai pandas-ai

Thu, 02 Apr 2026 20:30:00 +0000

Type | Values Removed | Values Added
Title | | SQL Injection via pandas-ai _execute_sql_query in v3.0.0

Wed, 01 Apr 2026 23:45:00 +0000

Type | Values Removed | Values Added
Description | | pandas-ai v3.0.0 was discovered to contain a SQL injection vulnerability via the pandasai.agent.base._execute_sql_query component.
Weaknesses | | CWE-89
References | |
Metrics | | cvssV3_1: {'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L'}
 | | ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-04-01T18:19:20.151Z

Reserved: 2026-03-04T00:00:00.000Z

Link: CVE-2026-30273

Vulnrichment

Updated: 2026-04-01T18:17:36.736Z

NVD

Status: Analyzed

Published: 2026-04-01T17:28:38.733

Modified: 2026-04-06T20:43:46.890

Link: CVE-2026-30273

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-07T08:07:44Z

Weaknesses