Impact
SQLAdmin is a flexible administrator interface for SQLAlchemy models. The vulnerable ajax_lookup endpoint, used to query models via AJAX, was incorrectly implemented to skip the is_accessible() access control check that safeguards all other endpoints. A developer who restricts access to a model by overriding is_accessible() is therefore unable to prevent an authenticated user from retrieving that model's data through ajax_lookup, silently violating intended restrictions. This flaw does not grant arbitrary code execution or data modification; its primary impact is unauthorized read access to data that should be hidden from the user in question.
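To make the access-control gap concrete, here is an added example (not SQLAdmin's own code) that models an admin router with a per-model is_accessible() hook and shows the ajax_lookup handler in both its vulnerable and corrected forms; the class and function names are illustrative assumptions.

```python
# Added example, not SQLAdmin's own code: a simplified admin router with a
# per-model is_accessible() hook. AdminRouter.ajax_lookup can run in its
# vulnerable form (skips the check) or its fixed form (applies it).
from dataclasses import dataclass, field


@dataclass
class Request:
    user: str
    roles: set = field(default_factory=set)


class ModelView:
    name = "base"
    rows: list = []

    def is_accessible(self, request: Request) -> bool:
        # Default: any authenticated user may see this model.
        return True

    def search(self, term: str) -> list:
        return [r for r in self.rows if term.lower() in r.lower()]


class SecretView(ModelView):
    name = "secret"
    rows = ["secret-alpha", "secret-beta"]

    def is_accessible(self, request: Request) -> bool:
        # Developer restriction: only users holding the admin role.
        return "admin" in request.roles


class AdminRouter:
    def __init__(self, views, fixed: bool):
        self.views = {v.name: v for v in views}
        self.fixed = fixed  # False models releases before 0.25.1

    def list_view(self, request: Request, name: str):
        view = self.views[name]
        if not view.is_accessible(request):
            return 403, []
        return 200, list(view.rows)

    def ajax_lookup(self, request: Request, name: str, term: str):
        view = self.views[name]
        # Fixed handler applies the same check as every other endpoint.
        if self.fixed and not view.is_accessible(request):
            return 403, []
        return 200, view.search(term)
```

A regression test for a deployment should assert that a non-admin request is rejected by every route of a restricted model, not only the list view.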
Affected Systems
The affected software is smithyhq SQLAdmin. All releases prior to version 0.25.1 allow the bypass; the fix was released in 0.25.1. No other vendors or products are reported to be affected.
Risk and Exploitability
The CVSS score of 4.3 indicates moderate severity. No EPSS score is available and the vulnerability is not listed in the CISA KEV catalog, suggesting that widespread exploitation is currently unlikely but not ruled out. The flaw is exploitable by any authenticated user who can reach the ajax_lookup URL; no privilege escalation or network-level attack is required, so the realistic threat is an authenticated insider or a compromised user account using the exposed endpoint. Because the flaw only permits reads, it does not compromise confidentiality across the whole application, but it can expose sensitive application data to users who should be denied access to the affected model.