CRITICAL🇵🇱 Wersja polska

CVE-2026-30860

CVSS 9.9v3.1pub. 2026-03-07upd. 2026-03-09

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.12, a remote code execution (RCE) vulnerability exists in the application's database query functionality. The validation system fails to recursively inspect child nodes within PostgreSQL array expressions and row expressions, allowing attackers to bypass SQL injection protections. By smuggling dangerous PostgreSQL functions inside these expressions and chaining them with large object operations and library loading capabilities, an unauthenticated attacker can achieve arbitrary code execution on the database server with database user privileges. This issue has been patched in version 0.2.12.

🤖 AI Analysis
How it works

The SQL query validation system does not perform recursive inspection of child nodes in PostgreSQL array expressions and row expressions. An attacker can smuggle dangerous PostgreSQL functions inside these expressions, thereby bypassing SQL injection protection mechanisms. By combining these functions with large object operations and library loading capabilities, it is possible to achieve remote code execution (RCE) on the database server.

Impact

An unauthenticated attacker can execute arbitrary code on the database server with database user privileges, potentially leading to complete server takeover, data theft, and further lateral movement within the infrastructure.

Mitigation & patch

WeKnora should be updated to version 0.2.12 or later, in which the vulnerability has been patched. Details are available in the vendor's references: https://github.com/Tencent/WeKnora/security/advisories/GHSA-8w32-6mrw-q5wv

Who is affected

Tencent WeKnora in versions prior to 0.2.12

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
  • Tencent Weknora

    APP
    Tencent
    < 0.2.12
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCESQLiAuth Bypass
CWE
References

Related vulnerabilities

CVE-2026-30861CRITICAL9.9PL ✓ten sam produkt

RCE w WeKnora — command injection w walidacji konfiguracji MCP stdio

CVE-2026-22688CRITICAL9.9PL ✓ten sam produkt

Command injection w Tencent WeKnora — wykonanie podprocesów przez MCP stdio

CVE-2026-30855HIGH8.8ten sam produkt

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to ...

CVE-2026-30247MEDIUM5.9ten sam produkt

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to ...

CVE-2026-30856MEDIUM5.9ten sam produkt

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to ...