{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-4996", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-03-27T13:48:08.116Z", "datePublished": "2026-03-28T11:30:12.160Z", "dateUpdated": "2026-03-30T18:26:49.399Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-03-28T11:30:12.160Z"}, "title": "Sinaptik AI PandasAI pandasai-lancedb Extension lancedb.py get_relevant_docs_by_id sql injection", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-89", "lang": "en", "description": "SQL Injection"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-74", "lang": "en", "description": "Injection"}]}], "affected": [{"vendor": "Sinaptik AI", "product": "PandasAI", "versions": [{"version": "0.1.0", "status": "affected"}, {"version": "0.1.1", "status": "affected"}, {"version": "0.1.2", "status": "affected"}, {"version": "0.1.3", "status": "affected"}, {"version": "0.1.4", "status": "affected"}], "modules": ["pandasai-lancedb Extension"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was identified in Sinaptik AI PandasAI up to 0.1.4. Affected by this issue is the function delete_question_and_answers/delete_docs/update_question_answer/update_docs/get_relevant_question_answers_by_id/get_relevant_docs_by_id of the file extensions/ee/vectorstores/lancedb/pandasai_lancedb/lancedb.py of the component pandasai-lancedb Extension. Such manipulation leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.9, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 7.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 7.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-03-27T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-03-27T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-03-27T14:53:50.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "Eric-b (VulDB User)", "type": "reporter"}, {"lang": "en", "value": "VulDB", "type": "coordinator"}], "references": [{"url": "https://vuldb.com/?id.353883", "name": "VDB-353883 | Sinaptik AI PandasAI pandasai-lancedb Extension lancedb.py get_relevant_docs_by_id sql injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.353883", "name": "VDB-353883 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.778268", "name": "Submit #778268 | Sinaptik AI PandasAI <= 0.1.4 SQL Injection (CWE-89)", "tags": ["third-party-advisory"]}, {"url": "https://gist.github.com/YLChen-007/e33f76941234bed3824181ed252bd09f", "tags": ["exploit"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-30T18:26:43.067708Z", "id": "CVE-2026-4996", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-30T18:26:49.399Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-4996", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-30T18:26:43.067708Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-30T18:26:46.162Z"}}], "cna": {"title": "Sinaptik AI PandasAI pandasai-lancedb Extension lancedb.py get_relevant_docs_by_id sql injection", "credits": [{"lang": "en", "type": "reporter", "value": "Eric-b (VulDB User)"}, {"lang": "en", "type": "coordinator", "value": "VulDB"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "affected": [{"vendor": "Sinaptik AI", "modules": ["pandasai-lancedb Extension"], "product": "PandasAI", "versions": [{"status": "affected", "version": "0.1.0"}, {"status": "affected", "version": "0.1.1"}, {"status": "affected", "version": "0.1.2"}, {"status": "affected", "version": "0.1.3"}, {"status": "affected", "version": "0.1.4"}]}], "timeline": [{"lang": "en", "time": "2026-03-27T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-03-27T01:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-03-27T14:53:50.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.353883", "name": "VDB-353883 | Sinaptik AI PandasAI pandasai-lancedb Extension lancedb.py get_relevant_docs_by_id sql injection", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.353883", "name": "VDB-353883 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.778268", "name": "Submit #778268 | Sinaptik AI PandasAI <= 0.1.4 SQL Injection (CWE-89)", "tags": ["third-party-advisory"]}, {"url": "https://gist.github.com/YLChen-007/e33f76941234bed3824181ed252bd09f", "tags": ["exploit"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was identified in Sinaptik AI PandasAI up to 0.1.4. Affected by this issue is the function delete_question_and_answers/delete_docs/update_question_answer/update_docs/get_relevant_question_answers_by_id/get_relevant_docs_by_id of the file extensions/ee/vectorstores/lancedb/pandasai_lancedb/lancedb.py of the component pandasai-lancedb Extension. Such manipulation leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "SQL Injection"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-74", "description": "Injection"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-03-28T11:30:12.160Z"}}}, "cveMetadata": {"cveId": "CVE-2026-4996", "state": "PUBLISHED", "dateUpdated": "2026-03-30T18:26:49.399Z", "dateReserved": "2026-03-27T13:48:08.116Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-03-28T11:30:12.160Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was identified in Sinaptik AI PandasAI up to 0.1.4. Affected by this issue is the function delete_question_and_answers/delete_docs/update_question_answer/update_docs/get_relevant_question_answers_by_id/get_relevant_docs_by_id of the file extensions/ee/vectorstores/lancedb/pandasai_lancedb/lancedb.py of the component pandasai-lancedb Extension. Such manipulation leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way."}], "id": "CVE-2026-4996", "lastModified": "2026-03-30T13:26:07.647", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-03-28T12:16:04.150", "references": [{"source": "cna@vuldb.com", "url": "https://gist.github.com/YLChen-007/e33f76941234bed3824181ed252bd09f"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?ctiid.353883"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?id.353883"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?submit.778268"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-74"}, {"lang": "en", "value": "CWE-89"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0.1.0,0.1.4]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "PandasAI", "source": "cna", "vendor": "Sinaptik AI"}, "product": "pandasai", "vendor": "sinaptik_ai"}], "analysis": {"en": {"generated_at": "2026-03-28T12:20:24.736770+00:00", "value": {"mitigation_remediation": ["Upgrade PandasAI to a patched version that fixes the SQL injection in the pandasai-lancedb Extension (e.g., 0.1.5 or later if available).", "If an upgrade is not immediately possible, disable or remove the pandasai-lancedb Extension from the application until a fix is released.", "Apply input validation or use parameterized queries in the affected code paths as a temporary control.", "Contact Sinaptik AI to verify the availability of an official patch or to seek guidance on mitigating the issue."], "summary": {"action": "Patch Now", "impact": "SQL Injection"}, "threat_synthesis": {"affected_systems": "Sinaptik AI's PandasAI library versions up to 0.1.4 are affected. The flaw resides in the functions delete_question_and_answers, delete_docs, update_question_answer, update_docs, get_relevant_question_answers_by_id, and get_relevant_docs_by_id within extensions/ee/vectorstores/lancedb/pandasai_lancedb/lancedb.py of the pandasai-lancedb Extension. Users running these components on any platform that connects to a database through the Extension are at risk.", "description_and_impact": "The vulnerability permits attackers to inject arbitrary SQL commands into the database when invoking certain PandasAI functions from the pandasai-lancedb Extension. This flaw can lead to unauthorized data retrieval, modification, or deletion, potentially compromising confidentiality, integrity, and availability of the underlying data store. The weakness is a classic SQL injection, as identified by CWE-74 and CWE-89.", "risk_and_exploitability": "The CVSS base score of 6.9 indicates a medium severity vulnerability. No EPSS score is available, but the advisory notes that the exploit is publicly available and can be launched remotely, making it a realistic threat. The vulnerability is not listed in the CISA KEV catalog, yet the presence of an open public exploit increases the likelihood of exploitation via the exposed web endpoints that call the vulnerable functions. Attackers could craft malicious payloads to manipulate SQL queries executed by the Extension."}}}}, "created": "2026-03-29T20:32:34.319002+00:00", "updated": "2026-03-30T06:59:28.751916+00:00", "vendors": ["sinaptik_ai", "sinaptik_ai$PRODUCT$pandasai"]}