CVE-2026-4506

Name of the Vulnerable Software and Affected Versions Mindinventory MindSQL versions up to 0.2.1

Description A code injection issue exists in Mindinventory MindSQL. The ask db function within the mindsql/core/mindsql core.py file is susceptible to manipulation, leading to code injection. This issue can be exploited remotely. The details of the exploit have been publicly disclosed. The vendor was notified but did not respond.

Recommendations Versions prior to 0.2.1 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.