Vulnerabilidades em vanna-ai
15 resultadosCVE-2024-5827CRITICALArbitrary File Write by Prompt Injection via DuckDB SQL in vanna-ai/vannaEPSS 3.5%CVE-2024-5826CRITICALRemote Code Execution via Prompt Injection in vanna-ai/vannaEPSS 0.9%CVE-2024-7764HIGHSQL Injection in vanna-ai/vannaEPSS 0.7%CVE-2024-8055HIGHLocal File Read (LFI) by Prompt Injection via SnowFlake SQL in vanna-ai/vannaEPSS 0.6%CVE-2024-5753HIGHLocal File Read (LFI) by Prompt Injection via Postgres SQL in vanna-ai/vannaEPSS 0.6%CVE-2026-5320MEDIUMvanna-ai vanna Chat API Endpoint v2 missing authenticationEPSS 0.4%CVE-2024-8099HIGHServer-Side Request Forgery (SSRF) in vanna-ai/vannaEPSS 0.3%CVE-2026-6977MEDIUMvanna-ai vanna Legacy Flask API improper authorizationEPSS 0.3%CVE-2026-4231MEDIUMvanna-ai vanna Endpoint __init__.py run_sql server-side request forgeryEPSS 0.3%CVE-2026-4229MEDIUMvanna-ai vanna bigquery_vector.py remove_training_data sql injectionEPSS 0.3%CVE-2024-6841MEDIUMCSRF in vanna-ai/vannaEPSS 0.2%CVE-2026-4511MEDIUMvanna-ai vanna legacy exec injectionEPSS 0.2%CVE-2026-4513MEDIUMvanna-ai vanna base.py ask sql injectionEPSS 0.2%CVE-2026-4230MEDIUMvanna-ai vanna Endpoint __init__.py update_sql sql injectionEPSS 0.2%CVE-2026-5321MEDIUMvanna-ai vanna FastAPI/Flask Server cross-domain policyEPSS 0.2%