vanna-ai — Vulnerabilities & Security Advisories 15

Browse all 15 CVE security advisories affecting vanna-ai. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by vanna-ai: vanna, vanna-ai/vanna
| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-6977 | vanna-ai vanna Legacy Flask API improper authorization | vanna | CWE-285 | 7.3 | High | 2026-04-25 |
| CVE-2026-5321 | vanna-ai vanna FastAPI/Flask Server cross-domain policy | vanna | CWE-942 | 4.3 | Medium | 2026-04-02 |
| CVE-2026-5320 | vanna-ai vanna Chat API Endpoint v2 missing authentication | vanna | CWE-306 | 7.3 | High | 2026-04-02 |
| CVE-2026-4513 | vanna-ai vanna base.py ask sql injection | vanna | CWE-89 | 6.3 | Medium | 2026-03-21 |
| CVE-2026-4511 | vanna-ai vanna legacy exec injection | vanna | CWE-74 | 6.3 | Medium | 2026-03-21 |
| CVE-2026-4231 | vanna-ai vanna Endpoint __init__.py run_sql server-side request forgery | vanna | CWE-918 | 7.3 | High | 2026-03-16 |
| CVE-2026-4230 | vanna-ai vanna Endpoint __init__.py update_sql sql injection | vanna | CWE-89 | 6.3 | Medium | 2026-03-16 |
| CVE-2026-4229 | vanna-ai vanna bigquery_vector.py remove_training_data sql injection | vanna | CWE-89 | 7.3 | High | 2026-03-16 |
| CVE-2024-7764 | SQL Injection in vanna-ai/vanna | vanna-ai/vanna | CWE-89 | 9.8 | - | 2025-03-20 |
| CVE-2024-8055 | Local File Read (LFI) by Prompt Injection via SnowFlake SQL in vanna-ai/vanna | vanna-ai/vanna | CWE-89 | 9.1 | - | 2025-03-20 |
| CVE-2024-6841 | CSRF in vanna-ai/vanna | vanna-ai/vanna | CWE-352 | 8.8 | - | 2025-03-20 |
| CVE-2024-8099 | Server-Side Request Forgery (SSRF) in vanna-ai/vanna | vanna-ai/vanna | CWE-918 | 9.1 | - | 2025-03-20 |
| CVE-2024-5753 | Local File Read (LFI) by Prompt Injection via Postgres SQL in vanna-ai/vanna | vanna-ai/vanna | CWE-89 | 9.1 (AI) | Critical (AI) | 2024-07-05 |
| CVE-2024-5827 | Arbitrary File Write by Prompt Injection via DuckDB SQL in vanna-ai/vanna | vanna-ai/vanna | CWE-89 | 9.8 (AI) | Critical (AI) | 2024-06-28 |
| CVE-2024-5826 | Remote Code Execution via Prompt Injection in vanna-ai/vanna | vanna-ai/vanna | CWE-94 | 9.8 (AI) | Critical (AI) | 2024-06-27 |

This page lists every published CVE security advisory associated with vanna-ai. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.