CVE-2026-33324 | Dataease SQLBot up to 1.7.0 Text2SQL Chat Interface question sql injection

A vulnerability was found in Dataease SQLBot up to 1.7.0. It has been rated as critical. This vulnerability affects unknown code of the component Text2SQL Chat Interface. Performing a manipulation of the argument question results in sql injection.

This vulnerability is identified as CVE-2026-33324. The attack can be initiated remotely. There is not any exploit available.

Upgrading the affected component is advised.VulDB Recent EntriesRead More