Description
A vulnerability was detected in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is the function ask of the file vanna\legacy\base\base.py. Performing a manipulation results in SQL injection. The attack can be carried out remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-03-21
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Remote SQL Injection
Action: Patch Now
AI Analysis

Impact

An injected SQL command can be executed through the ask function in the vanna legacy base module. This flaw allows an attacker to construct arbitrary SQL statements that are passed directly to the database, which can result in reading, modifying, or deleting data. The vulnerability is classified as a classic SQL Injection (CWE-74 and CWE-89).

Affected Systems

The flaw exists in the vanna-ai vanna product up to version 2.0.2. Anyone running that version or any earlier release of the library is vulnerable when the ask function is exposed to user input. All installations using 2.0.2 or earlier must be addressed.

Risk and Exploitability

The CVSS score is 5.3, indicating moderate risk. Exploit code is publicly available and the attack is remotely achievable by supplying crafted input to the ask endpoint. The EPSS score is not available, and the vulnerability is not in CISA's KEV catalog, but the public proof-of-concept material suggests that it could be actively used. Administrators should treat this as a medium-impact issue that requires timely remediation.

Generated by OpenCVE AI on March 21, 2026 at 11:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade vanna to the latest version beyond 2.0.2.
  • Implement parameterized queries or sanitize inputs in the ask function.
  • Limit exposure of the ask endpoint to trusted networks or IPs.
  • Monitor database logs for unusual query activity.
  • If an upgrade is impossible, disable the ask feature until a patch is applied.

Generated by OpenCVE AI on March 21, 2026 at 11:20 UTC.
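The second and fourth recommended actions above (validate what the ask function hands to the database, and keep a record of query activity) can be combined in one guard. The following is an added example, not vanna's own code: a conservative allowlist that lets only a single, comment-free, read-only SELECT/WITH statement reach an assumed run_sql callable, and records every decision for later review. The demo database and queries are constructed for illustration.

```python
import re
import sqlite3
# Added example, not vanna's code: allowlist gate for SQL text an ask-style
# function is about to hand to the database (single read-only SELECT only).
_WRITE_KW = re.compile(
    r"\b(insert|update|delete|drop|alter|create|truncate|grant|revoke|"
    r"exec|execute|merge|replace|attach|pragma|copy|load)\b", re.I)
_COMMENT = re.compile(r"--|/\*|#")

def is_read_only_select(sql: str) -> tuple:
    """Return (allowed, reason). Deliberately conservative: a ';' or '#' inside
    a string literal is refused rather than risk a stacked statement."""
    s = sql.strip()
    if s.endswith(";"):  # a single trailing terminator is fine
        s = s[:-1].rstrip()
    if not s:
        return False, "empty statement"
    if ";" in s:
        return False, "stacked statements"
    if _COMMENT.search(s):
        return False, "comment marker"
    first = s.split(None, 1)[0].lower()
    if first not in ("select", "with"):
        return False, f"statement starts with {first!r}"
    if _WRITE_KW.search(s):
        return False, "write/DDL keyword present"
    return True, "ok"

def guarded_run_sql(sql: str, run_sql, audit_log: list):
    """Wrap an assumed run_sql callable: log every decision, execute only
    statements that pass the gate."""
    allowed, reason = is_read_only_select(sql)
    audit_log.append({"sql": sql, "allowed": allowed, "reason": reason})
    if not allowed:
        raise PermissionError(f"blocked SQL: {reason}")
    return run_sql(sql)

def demo() -> list:
    """Constructed in-memory SQLite database; one outcome per query."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users(id INTEGER, name TEXT)")
    conn.execute("INSERT INTO users VALUES (1, 'alice')")
    log, out = [], []
    for q in ("SELECT name FROM users WHERE id = 1",
              "SELECT name FROM users; DROP TABLE users", "DELETE FROM users"):
        try:
            out.append(guarded_run_sql(q, lambda x: conn.execute(x).fetchall(), log))
        except PermissionError as err:
            out.append(str(err))
    return out
```

The audit_log entries are what a database-side monitor would correlate against: any "allowed": False entry is a query the ask path tried to run and was refused.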

Tracking

Advisories

No advisories yet.

History

Mon, 23 Mar 2026 17:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 23 Mar 2026 10:00:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Vanna-ai; Vanna-ai vanna
Vendors & Products | | Vanna-ai; Vanna-ai vanna

Sat, 21 Mar 2026 10:15:00 +0000

Type | Values Removed | Values Added
Description | | A vulnerability was detected in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is the function ask of the file vanna\legacy\base\base.py. Performing a manipulation results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Title | | vanna-ai vanna base.py ask sql injection
Weaknesses | | CWE-74; CWE-89
References | |
Metrics | | cvssV2_0: {'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}
 | | cvssV3_0: {'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
 | | cvssV3_1: {'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
 | | cvssV4_0: {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-03-23T16:30:05.313Z

Reserved: 2026-03-20T14:28:43.476Z

Link: CVE-2026-4513

Vulnrichment

Updated: 2026-03-23T16:29:59.482Z

NVD

Status: Awaiting Analysis

Published: 2026-03-21T10:16:23.593

Modified: 2026-03-23T14:31:37.267

Link: CVE-2026-4513

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-25T14:41:16Z

Weaknesses