CVE-2025-9148

Name of the Vulnerable Software and Affected Versions: CodePhiliaX Chat2DB versions through 0.3.7

Description: A SQL injection issue exists in the JDBC Connection Handler component of CodePhiliaX Chat2DB. The issue affects an unknown function within the ai/chat2db/server/web/api/controller/data/source/DataSourceController.java file. This allows for remote execution of attacks. The exploit has been publicly disclosed.

Recommendations: Versions prior to 0.3.7: At the moment, there is no information about a newer version that contains a fix for this vulnerability.