PT-2026-23803 · Weknora

Aleister1102 · Published 2026-03-06 · Updated 2026-03-25

CVE-2026-30860
CVSS v3.1: 9.9 Critical
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: WeKnora versions prior to 0.2.12

Description: WeKnora, an LLM-powered framework for deep document understanding and semantic retrieval, contains a remote code execution (RCE) issue in its database query functionality. The application's validation system does not thoroughly inspect child nodes within PostgreSQL array expressions and row expressions, allowing attackers to bypass SQL injection protections. By embedding malicious PostgreSQL functions within these expressions and combining them with large object operations and library loading capabilities, an unauthenticated attacker can execute arbitrary code on the database server with the privileges of the database user. The issue stems from incomplete validation within the validateNode() function, specifically the lack of handlers for ArrayExpr and RowExpr node types. This allows attackers to smuggle dangerous functions, such as pg_read_file, lo_from_bytea, lo_put, lo_export, and pg_reload_conf, into queries. A proof-of-concept demonstrates the ability to read arbitrary files, upload a malicious shared library, and ultimately achieve code execution. Successful exploitation could lead to complete system compromise, including data extraction, modification, service disruption, persistence, and lateral movement.

Recommendations: Update to WeKnora version 0.2.12 or later. Fix the AST node validation to recursively inspect array expressions and row expressions. Implement a strict blocklist of dangerous PostgreSQL functions. Restrict the application's database user to SELECT-only permissions with no execute rights on administrative functions. Disable dynamic library loading in PostgreSQL configuration by clearing dynamic_library_path and session_preload_libraries.
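The validator defect and the recommended fix, shown side by side on a toy expression tree. This is an added illustration, not WeKnora's validateNode() or any PostgreSQL parser library's code: the node types (FuncCall, ArrayExpr, RowExpr, ColumnRef, Const) are a constructed model named after the parse-tree kinds in the description, the blocklist contains the functions the advisory names plus the related lo_import (an assumption; a real list would be maintained from the PostgreSQL documentation), and smuggledCall() builds a fragment with the nesting shape the advisory describes, using a placeholder argument.

```go
package main

import (
	"fmt"
	"strings"
)

// Toy SQL expression AST (constructed for this example). The node kinds mirror
// the PostgreSQL parse-tree types named in the advisory, not a real parser's API.
type Node interface{}

type FuncCall struct {
	Name string
	Args []Node
}

type ArrayExpr struct{ Elements []Node } // ARRAY[a, b, c]

type RowExpr struct{ Fields []Node } // ROW(a, b, c) or (a, b, c)

type ColumnRef struct{ Name string }

type Const struct{ Value string }

// Functions the advisory names as abused in the exploit chain, plus lo_import
// (assumption: a production blocklist is kept in sync with PostgreSQL docs).
var blockedFunctions = map[string]bool{
	"pg_read_file":   true,
	"lo_from_bytea":  true,
	"lo_put":         true,
	"lo_export":      true,
	"lo_import":      true,
	"pg_reload_conf": true,
}

// validateNodeVulnerable models the incomplete validator the advisory describes:
// function calls and their arguments are checked, but there is no case for
// ArrayExpr or RowExpr, so anything wrapped in them is silently accepted.
func validateNodeVulnerable(n Node) error {
	switch v := n.(type) {
	case *FuncCall:
		if blockedFunctions[strings.ToLower(v.Name)] {
			return fmt.Errorf("blocked function: %s", v.Name)
		}
		for _, a := range v.Args {
			if err := validateNodeVulnerable(a); err != nil {
				return err
			}
		}
	case *ColumnRef, *Const:
		// leaf nodes: nothing to check
	}
	// ArrayExpr and RowExpr fall through here without being inspected.
	return nil
}

// validateNodeFixed descends into every container node, so a blocked function
// is rejected however deeply it is nested, and unknown node kinds are rejected
// rather than ignored (deny by default).
func validateNodeFixed(n Node) error {
	switch v := n.(type) {
	case *FuncCall:
		if blockedFunctions[strings.ToLower(v.Name)] {
			return fmt.Errorf("blocked function: %s", v.Name)
		}
		return validateAll(v.Args)
	case *ArrayExpr:
		return validateAll(v.Elements)
	case *RowExpr:
		return validateAll(v.Fields)
	case *ColumnRef, *Const:
		return nil
	default:
		return fmt.Errorf("unsupported node type %T", n)
	}
}

func validateAll(nodes []Node) error {
	for _, c := range nodes {
		if err := validateNodeFixed(c); err != nil {
			return err
		}
	}
	return nil
}

// smuggledCall is a constructed fragment with the shape the advisory describes:
// a blocked function wrapped in ROW(...) inside ARRAY[...]. The argument is a placeholder.
func smuggledCall() Node {
	return &ArrayExpr{Elements: []Node{
		&RowExpr{Fields: []Node{
			&FuncCall{Name: "PG_READ_FILE", Args: []Node{&Const{Value: "'<placeholder>'"}}},
		}},
	}}
}

// benignCall is an ordinary expression that both validators should accept.
func benignCall() Node {
	return &ArrayExpr{Elements: []Node{
		&FuncCall{Name: "lower", Args: []Node{&ColumnRef{Name: "title"}}},
	}}
}

func main() {
	fmt.Println("vulnerable validator:", validateNodeVulnerable(smuggledCall())) // <nil>: accepted
	fmt.Println("fixed validator:", validateNodeFixed(smuggledCall()))           // blocked function: PG_READ_FILE
	fmt.Println("fixed validator, benign:", validateNodeFixed(benignCall()))     // <nil>
}
```

The blocklist is matched case-insensitively because unquoted identifiers are folded to lower case by PostgreSQL, so a mixed-case spelling names the same function. The fixed validator's default branch is the other half of the lesson: a validator that ignores node kinds it does not recognise will be bypassed again the next time the parser grows a new container type.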

Tags: Exploit · Fix · RCE · SQL injection


Weakness Enumeration

Related Identifiers

CVE-2026-30860
GHSA-8W32-6MRW-Q5WV
GO-2026-4641
SUSE-SU-2026:1042-1

Affected Products

Postgresql
Weknora