PT-2025-26203 · PyPI · pgai

Albertopellitteri +2

Published: 2025-06-18 · Updated: 2025-06-19

CVE-2025-52467

CVSS v2.0: 9.4 (Critical)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:N
Name of the Vulnerable Software and Affected Versions: pgai, versions prior to commit 8eb3567
Description: The issue concerns the pgai Python library, which turns PostgreSQL into a retrieval engine for RAG and agentic applications. Prior to commit 8eb3567, the project was vulnerable to an attack that allowed an attacker to exfiltrate all secrets used in one of its workflows. These included a GITHUB_TOKEN with write permissions for the repository, which would let the attacker tamper with every aspect of the repository, for example by pushing arbitrary code and releases.
Recommendations: For versions prior to 8eb3567, update to a version that includes the fix from commit 8eb3567, which prevents the exfiltration of secrets. As a temporary workaround, restrict which secrets and other sensitive information the workflow can access, so that a compromised job cannot reach them.
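The advisory does not say which workflow pattern leaked pgai's secrets, so the following is an added, illustrative GitHub Actions example and not the project's own workflow file. The weak half shows a generic, well-known shape that exposes secrets to code taken from a pull request; the hardened half applies the recommendation above by limiting the token's permissions and keeping repository secrets away from untrusted code. The workflow names, the script name run-tests.sh and the secret name API_KEY are assumptions chosen for the example.

```yaml
# Added example, not pgai's actual workflow. Two YAML documents in one file:
# the first is the weak shape, the second the hardened one.

# --- Weak: untrusted pull request code runs with write access and secrets ---
# pull_request_target runs in the base repository's context, so the job gets
# the repository's secrets and, with write-all, a GITHUB_TOKEN that can push.
# Checking out the PR head then executes attacker-controlled code in that
# context, which is exactly the position from which secrets can be exfiltrated.
name: ci-weak                         # assumed name
on: [pull_request_target]
permissions: write-all                # GITHUB_TOKEN may write to the repo
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}   # attacker's commit
      - run: ./run-tests.sh            # assumed script; runs PR-controlled code
        env:
          API_KEY: ${{ secrets.API_KEY }}                  # assumed secret name
---
# --- Hardened: untrusted code sees no secrets and a read-only token ---
# pull_request (not _target) runs fork PRs without repository secrets and with
# a read-only GITHUB_TOKEN. The explicit permissions block also caps the token
# for PRs from branches in the same repository. No secret is passed to the
# step that executes PR code.
name: ci-hardened                     # assumed name
on: [pull_request]
permissions:
  contents: read                      # nothing else is granted
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4     # checks out the merge ref by default
      - run: ./run-tests.sh            # assumed script; no secrets in env
```

If a job genuinely needs write access (for example to publish a release), keep it in a separate workflow that never checks out or executes pull request code, and grant the permissions it needs at the job level rather than with write-all at the top of the file.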

Exploit

Fix

Vulnerability type: Information Disclosure

Weakness Enumeration

Related Identifiers

BDU:2026-00161
CVE-2025-52467
GHSA-89QQ-HGVP-X37M

Affected Products

Pgai