Description
A weakness has been identified in premAI-io premsql up to 0.2.1. Affected is the function eval of the file premsql/agents/baseline/workers/followup.py. This manipulation of the argument result causes code injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-04-05
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Remote code execution via eval injection
Action: Apply patch
AI Analysis

Impact

The vulnerability resides in the eval() usage within the followup.py component of premAI-io premsql. An attacker can supply crafted input that is executed by eval, allowing arbitrary Python code to run on the host that runs the application. This results in remote code execution, enabling full control over affected systems. The weakness aligns with CWE-74 and CWE-94.

Affected Systems

The issue impacts premAI-io premsql versions up to 0.2.1. Any deployment of this package that includes the followup.py worker is potentially vulnerable.

Risk and Exploitability

The CVSS base score is 5.3, indicating moderate severity, and the vulnerability is not listed in the CISA KEV catalog. Public proof-of-concept code demonstrates that the exploit is feasible, and the attack vector is remote. An attacker who can reach the application can inject code through the eval call and compromise the entire system with no additional privileges.

Generated by OpenCVE AI on April 5, 2026 at 21:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade premAI-io premsql to the latest available version (greater than 0.2.1).
  • If no patch is immediately available, restrict network access to the component that executes followup.py, for example by tightening firewall or proxy rules.
  • Monitor application logs for unexpected calls to eval() or suspicious data being processed by followup.py. Consider disabling eval() or replacing it with a safer alternative if possible.
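The eval() pattern the advisory describes, beside a data-only replacement and a check usable for the log review suggested above. This is an added example written for this page, not code from premsql; the worker's real function signature and the shape of the `result` string are assumed.

```python
import ast
import json
from typing import Any

# Hypothetical helper modelled on the advisory: a worker turns a "result"
# string (tool/LLM output an attacker can influence) into a Python object.
# The real premsql function and its signature are NOT reproduced here.

def parse_result_unsafe(result: str) -> Any:
    # The weak pattern the advisory names (CWE-94): eval() on untrusted
    # text, so any expression in `result` runs with the worker's privileges.
    return eval(result)

def parse_result_safe(result: str) -> Any:
    """Accept data, never code: strict JSON first, then Python literals.
    ast.literal_eval builds dicts, lists, tuples, strings, numbers, bools
    and None, and raises ValueError for names, calls and attribute access."""
    text = result.strip()
    try:
        return json.loads(text)
    except json.JSONDecodeError:
        pass
    try:
        return ast.literal_eval(text)
    except (ValueError, SyntaxError) as exc:
        raise ValueError(f"result is not a data literal: {exc}") from None

def is_data_literal(result: str) -> bool:
    try:
        parse_result_safe(result)
        return True
    except ValueError:
        return False

def contains_code(result: str) -> bool:
    """Log-review check: True when `result` is not plain data but does parse
    as a Python expression that names, calls or dereferences something,
    i.e. what eval() would execute instead of merely building a value."""
    if is_data_literal(result):
        return False
    try:
        tree = ast.parse(result.strip(), mode="eval")
    except SyntaxError:
        return False  # not a Python expression at all, nothing to execute
    risky = (ast.Name, ast.Call, ast.Attribute, ast.Lambda)
    return any(isinstance(node, risky) for node in ast.walk(tree))
```

Note that JSON `true`/`null` are bare names to Python's parser, which is why contains_code() checks for a valid data literal before inspecting the AST.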


Advisories

No advisories yet.

History

Tue, 07 Apr 2026 00:00:00 +0000

Type Values Removed Values Added
First Time appeared Premai-io
Premai-io premsql
Vendors & Products Premai-io
Premai-io premsql

Mon, 06 Apr 2026 16:45:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Sun, 05 Apr 2026 19:30:00 +0000

Type Values Removed Values Added
Description A weakness has been identified in premAI-io premsql up to 0.2.1. Affected is the function eval of the file premsql/agents/baseline/workers/followup.py. This manipulation of the argument result causes code injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Title premAI-io premsql followup.py eval code injection
Weaknesses CWE-74
CWE-94
References
Metrics cvssV2_0

{'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


Subscriptions

Premai-io Premsql
MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-06T15:25:27.908Z

Reserved: 2026-04-05T05:12:37.784Z

Link: CVE-2026-5594

Vulnrichment

Updated: 2026-04-06T15:25:23.950Z

NVD

Status : Deferred

Published: 2026-04-05T19:17:05.437

Modified: 2026-04-29T01:00:01.613

Link: CVE-2026-5594

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-06T21:56:25Z

Weaknesses