PT-2026-26557 · Unknown+1 · Postgresql+1
Jackieya · Published 2026-03-20 · Updated 2026-03-20 · CVE-2026-32950
CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: SQLBot versions prior to 1.7.0
Description: SQLBot is an intelligent data query system based on a large language model and RAG. Versions prior to 1.7.0 contain a critical SQL injection issue in the /api/v1/datasource/uploadExcel endpoint that enables Remote Code Execution (RCE). Any authenticated user, even one with the lowest privileges, can fully compromise the backend server. The root cause is that Excel sheet names are concatenated directly into PostgreSQL table names without sanitization (datasource.py#L351), and these table names are then embedded into COPY SQL statements via f-strings instead of parameterized queries (datasource.py#L385-L388). An attacker can bypass the 31-character sheet name limit using a two-stage technique: first uploading a normal file with shell commands in its data rows, then uploading a manipulated XML file whose sheet name injects a TO PROGRAM 'sh' clause into the SQL. Confirmed impacts include arbitrary command execution as the postgres user (uid=999), sensitive file exfiltration (e.g., /etc/passwd, /etc/shadow), and complete PostgreSQL database takeover.
Recommendations: Versions prior to 1.7.0 should be updated to version 1.7.0 or later.
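To illustrate the root cause described above, the following is an added example (not SQLBot's own code; `ds_` prefix, sheet names and function names are assumptions) that places the f-string pattern beside a hardened builder which allowlists the sheet name and quotes it as a PostgreSQL identifier:

```python
import re

# Hypothetical illustration of the two patterns named in the advisory.
# PostgreSQL identifiers are limited to 63 bytes; with the assumed "ds_"
# prefix, 60 characters of sheet name keeps the table name inside that.
SAFE_SHEET_NAME = re.compile(r"^[A-Za-z_][A-Za-z0-9_]{0,59}$")


def copy_sql_unsafe(sheet_name: str) -> str:
    """Vulnerable pattern: the untrusted sheet name is dropped straight into
    the statement text, so any quote or keyword it carries becomes SQL."""
    table = f"ds_{sheet_name}"
    return f"COPY {table} FROM STDIN WITH (FORMAT csv)"


def quote_ident(name: str) -> str:
    """Quote a PostgreSQL identifier: wrap it in double quotes and double
    any embedded double quote (the rule psycopg's sql.Identifier applies)."""
    return '"' + name.replace('"', '""') + '"'


def sheet_name_is_safe(sheet_name: str) -> bool:
    """Allowlist check applied before any SQL is built."""
    return SAFE_SHEET_NAME.fullmatch(sheet_name) is not None


def copy_sql_safe(sheet_name: str) -> str:
    """Hardened pattern: reject anything outside the allowlist, then quote
    the identifier anyway as defence in depth. Table names cannot be bound
    as query parameters, so identifier quoting is the correct primitive."""
    if not sheet_name_is_safe(sheet_name):
        raise ValueError(f"sheet name rejected: {sheet_name!r}")
    table = quote_ident(f"ds_{sheet_name}")
    return f"COPY {table} FROM STDIN WITH (FORMAT csv)"


def vet_sheet_names(sheet_names: list[str]) -> tuple[list[str], list[str]]:
    """Split an uploaded workbook's sheet names into accepted and rejected,
    so a handler can refuse the whole upload before touching the database."""
    accepted = [n for n in sheet_names if sheet_name_is_safe(n)]
    rejected = [n for n in sheet_names if not sheet_name_is_safe(n)]
    return accepted, rejected


if __name__ == "__main__":
    # Constructed sample: one ordinary sheet name, one carrying a quote.
    for name in ["sales_2026", 'Q1 "Sales"']:
        print("unsafe:", copy_sql_unsafe(name))
        print("safe:  ", copy_sql_safe(name) if sheet_name_is_safe(name) else "REJECTED")
```

The unsafe builder emits `COPY ds_Q1 "Sales" ...` for the second name, showing how sheet-name characters reach the parser as SQL syntax; the hardened builder refuses it before any statement exists.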

Exploit

Fix

Weakness Enumeration: OS Command Injection, SQL injection

Related Identifiers: CVE-2026-32950, GHSA-7HWW-8RJ5-7RMM

Affected Products: Postgresql, Sqlbot