Home

Description

PraisonAI before 4.6.78 fails to validate the caller-controlled dimension argument in the PGVector and Cassandra knowledge-store create_collection() backends. Although schema, keyspace, and collection-name identifiers are validated, the dimension value (declared as int but not enforced at runtime) is interpolated directly into the vector column of the generated CREATE TABLE DDL. A caller able to influence collection-creation dimensions can pass a string such as '3); DROP TABLE tenant_secrets; --' to inject SQL/CQL tokens into the statement executed by the database driver.

PUBLISHED Reserved 2026-07-08 | Published 2026-07-11 | Updated 2026-07-14 | Assigner VulnCheck




CRITICAL: 9.3CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CRITICAL: 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Problem types

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Product status

Default status
unaffected

Any version before 4.6.78
affected

4.6.78 (semver)
unaffected

Credits

rexpository reporter

References

github.com/...isonAI/security/advisories/GHSA-wf65-4jjx-q444 exploit

github.com/...isonAI/security/advisories/GHSA-wf65-4jjx-q444 (GitHub Security Advisory (GHSA-wf65-4jjx-q444)) vendor-advisory

github.com/...ommit/3aa9cbc2bd49c23a32be0a89a5e620d13d843eab patch

www.vulncheck.com/...-sql-cql-injection-via-vector-dimension (VulnCheck Advisory: PraisonAI before 4.6.78 SQL/CQL Injection via vector dimension) third-party-advisory

cve.org (CVE-2026-60090)

nvd.nist.gov (CVE-2026-60090)

Download JSON