CVE-2026-5594 | premAI-io premsql up to 0.2.1 followup.py eval result code injection

Inserito da Angelo Barbosa | Apr 5, 2026 | CVE

A vulnerability marked as critical has been reported in premAI-io premsql up to 0.2.1. Affected is the function eval of the file premsql/agents/baseline/workers/followup.py. This manipulation of the argument result causes code injection.

This vulnerability is tracked as CVE-2026-5594. The attack is possible to be carried out remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-5594 | premAI-io premsql up to 0.2.1 followup.py eval result code injection

Post correlati

CVE-2024-52051 | Siemens SIMATIC S7-PLCSIM User Setting input validation (ssa-392859)

CVE-2024-1965 | Haivision Aviwest Manager/Aviwest Streamhub Network Configuration server-side request forgery

CVE-2024-12772 | Ninja Tables Plugin up to 5.0.16 on WordPress CSV Import cross site scripting

CVE-2024-6702 | Pegasystems Pega Infinity up to 24.1.2 Stage cross site scripting