Description
SQLBot is an intelligent Text-to-SQL system based on large language models and RAG. Prior to 1.8.0, SQLBot contains a Cross-Workspace IDOR (Insecure Direct Object Reference) and Authorization Bypass vulnerability in the /api/v1/datasource/exportDsSchema and /api/v1/datasource/uploadDsSchema endpoints. An attacker can access and modify database schemas and data sources belonging to other tenants/workspaces. This vulnerability is fixed in 1.8.0.
Published: 2026-05-13
Score: 8.6 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

SQLBot is an AI‑driven Text‑to‑SQL system that, before version 1.8.0, allowed an attacker to read and modify database schemas and data sources belonging to other tenants. The vulnerability is an Insecure Direct Object Reference (IDOR) that bypasses tenant isolation checks, enabling the modification of critical system objects. This flaw is identified as CWE‑639 and can lead to data tampering, privilege escalation within the application, and potential exposure of sensitive data across tenants.

Affected Systems

The affected product is SQLBot by Dataease. All releases prior to 1.8.0 are vulnerable; the fix was applied in version 1.8.0. Tenants using earlier versions, regardless of deployment size or configuration, are susceptible.

Risk and Exploitability

The CVSS score of 8.6 indicates high severity. The EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog, suggesting no known public exploits yet. The likely attack vector is via authenticated API calls to the /api/v1/datasource/exportDsSchema and /api/v1/datasource/uploadDsSchema endpoints, which an attacker with access to one tenant’s credentials could use to target other tenants. A successful exploit would grant the attacker full read/write access to other tenants’ database schemas.

Generated by OpenCVE AI on May 13, 2026 at 22:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update SQLBot to version 1.8.0 or later, which removes the IDOR and adds proper tenant isolation checks.
  • If an update is not immediately possible, restrict access to the /api/v1/datasource/exportDsSchema and /api/v1/datasource/uploadDsSchema endpoints by enforcing strict tenant‑based authorization or by disabling these endpoints for cross‑tenant access.
  • Conduct a security audit of all existing database schemas and data sources to identify any unauthorized changes made prior to the patch.
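The recommended "strict tenant-based authorization" for these endpoints is, in code, the difference between looking an object up by a client-supplied key alone (the CWE-639 pattern) and scoping that lookup to the caller's own workspace. The following Python is an added illustration, not SQLBot's implementation; the names (`User`, `DataSource`, `workspace_id`, `DATASOURCES`) and the in-memory store are assumptions, and the sample records are constructed.

```python
"""Hypothetical illustration of CWE-639 (IDOR) in a multi-tenant data-source
export/upload path, next to the tenant-scoped lookup that closes it.
Added example code; not SQLBot's code. All names and data are assumed."""
from dataclasses import dataclass


@dataclass(frozen=True)
class User:
    user_id: int
    workspace_id: int  # comes from the server-side session, never the request


@dataclass(frozen=True)
class DataSource:
    ds_id: int
    workspace_id: int
    name: str
    schema: dict


# Constructed sample data: two workspaces, one data source each.
DATASOURCES = {
    1: DataSource(1, 100, "orders-prod", {"orders": ["id", "amount"]}),
    2: DataSource(2, 200, "hr-prod", {"employees": ["id", "salary"]}),
}


class Forbidden(Exception):
    pass


def export_schema_vulnerable(user, ds_id):
    """IDOR: the record is fetched by the client-supplied id only, so any
    authenticated user can export any workspace's schema."""
    return DATASOURCES[ds_id].schema


def get_owned_datasource(user, ds_id):
    """Tenant-scoped lookup. The workspace filter uses the session's
    workspace, and a missing id and a foreign id fail the same way, so the
    response does not reveal whether an id exists in another tenant."""
    ds = DATASOURCES.get(ds_id)
    if ds is None or ds.workspace_id != user.workspace_id:
        raise Forbidden(f"datasource {ds_id} not accessible")
    return ds


def export_schema_fixed(user, ds_id):
    """Read path (exportDsSchema-style) behind the tenant check."""
    return get_owned_datasource(user, ds_id).schema


def upload_schema_fixed(user, ds_id, new_schema):
    """Write path (uploadDsSchema-style) behind the same tenant check;
    returns the updated record."""
    ds = get_owned_datasource(user, ds_id)
    updated = DataSource(ds.ds_id, ds.workspace_id, ds.name, dict(new_schema))
    DATASOURCES[ds_id] = updated
    return updated


def cross_tenant_blocked(user, ds_id):
    """True when the fixed read path refuses the given id for this user."""
    try:
        export_schema_fixed(user, ds_id)
    except Forbidden:
        return True
    return False


if __name__ == "__main__":
    alice = User(user_id=1, workspace_id=100)
    # Vulnerable path leaks workspace 200's schema to a workspace-100 user.
    print("vulnerable export of foreign ds:", export_schema_vulnerable(alice, 2))
    # Fixed path refuses the foreign id and still serves the user's own.
    print("fixed export of foreign ds blocked:", cross_tenant_blocked(alice, 2))
    print("fixed export of own ds:", export_schema_fixed(alice, 1))
```

The audit step in the list above maps onto the same idea: every read and write on these objects should go through one ownership-checked accessor such as `get_owned_datasource`, and a review can then grep for any handler that reaches the store without it.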


Advisories

No advisories yet.

History

Fri, 15 May 2026 17:45:00 +0000

Type Values Removed Values Added
First Time appeared Fit2cloud
Fit2cloud sqlbot
CPEs cpe:2.3:a:fit2cloud:sqlbot:*:*:*:*:*:*:*:*
Vendors & Products Fit2cloud
Fit2cloud sqlbot
Metrics cvssV3_1

{'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N'}


Thu, 14 May 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 13 May 2026 22:45:00 +0000

Type Values Removed Values Added
First Time appeared Dataease
Dataease sqlbot
Vendors & Products Dataease
Dataease sqlbot

Wed, 13 May 2026 21:45:00 +0000

Type Values Removed Values Added
Description SQLBot is an intelligent Text-to-SQL system based on large language models and RAG. Prior to 1.8.0, SQLBot contains a Cross-Workspace IDOR (Insecure Direct Object Reference) and Authorization Bypass vulnerability in the /api/v1/datasource/exportDsSchema and /api/v1/datasource/uploadDsSchema endpoints. An attacker can access and modify database schemas and data sources belonging to other tenants/workspaces. This vulnerability is fixed in 1.8.0.
Title SQLBot: Unauthorized Access Vulnerability
Weaknesses CWE-639
References
Metrics cvssV4_0

{'score': 8.6, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-05-14T13:40:32.770Z

Reserved: 2026-04-27T13:55:58.694Z

Link: CVE-2026-42463

Vulnrichment

Updated: 2026-05-14T13:40:05.565Z

NVD

Status : Analyzed

Published: 2026-05-13T22:16:43.397

Modified: 2026-05-15T17:34:17.283

Link: CVE-2026-42463

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-13T22:30:06Z

Weaknesses
  • CWE-639

    Authorization Bypass Through User-Controlled Key