CVE-2026-4507 | Mindinventory MindSQL up to 0.2.1 mindsql_core.py ask_db sql injection

Inserito da Angelo Barbosa | Mar 20, 2026 | CVE

A vulnerability classified as critical was found in Mindinventory MindSQL up to 0.2.1. The affected element is the function ask_db of the file mindsql/core/mindsql_core.py. Executing a manipulation can lead to sql injection.

This vulnerability is tracked as CVE-2026-4507. The attack can be launched remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-4507 | Mindinventory MindSQL up to 0.2.1 mindsql_core.py ask_db sql injection

Post correlati

CVE-2024-11624 | Google Android VPN permission

CVE-2024-7888 | Classified Listing Plugin up to 3.1.7 on WordPress authorization

CVE-2025-34069 | GFI Kerio Control 9.4.5 GFIAgent Service missing authentication

CVE-2024-1083 | Simple Restrict Plugin up to 1.2.6 on WordPress authorization