CVE-2026-4506 | Mindinventory MindSQL up to 0.2.1 mindsql_core.py ask_db code injection

Inserito da Angelo Barbosa | Mar 20, 2026 | CVE

A vulnerability classified as critical has been found in Mindinventory MindSQL up to 0.2.1. Impacted is the function ask_db of the file mindsql/core/mindsql_core.py. Performing a manipulation results in code injection.

This vulnerability is identified as CVE-2026-4506. The attack can be initiated remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-4506 | Mindinventory MindSQL up to 0.2.1 mindsql_core.py ask_db code injection

Post correlati

CVE-2024-4140 | rjbs Email-MIME up to 1.953 Multipart MIME Message allocation of resources (Issue 66)

CVE-2024-9028 | WP GPX Maps Plugin up to 1.7.08 on WordPress Shortcode cross site scripting

CVE-2024-1344 | LaborOfficeFree 19.10 LOF_service.exe hard-coded credentials

CVE-2023-51601 | Honeywell Saia PG5 Controls Suite xml external entity reference (ZDI-23-1850)