CVE-2026-4507 | Mindinventory MindSQL up to 0.2.1 mindsql_core.py ask_db sql injection

Inserito da Angelo Barbosa | Mar 20, 2026 | CVE

A vulnerability classified as critical was found in Mindinventory MindSQL up to 0.2.1. The affected element is the function ask_db of the file mindsql/core/mindsql_core.py. Executing a manipulation can lead to sql injection.

This vulnerability is tracked as CVE-2026-4507. The attack can be launched remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-4507 | Mindinventory MindSQL up to 0.2.1 mindsql_core.py ask_db sql injection

Post correlati

CVE-2024-12884 | Codezips E-Commerce Website 1.0 /login.php email sql injection

CVE-2024-52269 | DocuSign up to 2024-12-04 SaaS AI Assistant clickjacking

CVE-2023-47160 | IBM Cognos Controller/Controller xml external entity reference

CVE-2025-45854 | JEHC-BPM 2.0.1 /server/executeExec unrestricted upload