{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2026-30273", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-04-01T18:19:20.151Z", "dateReserved": "2026-03-04T00:00:00.000Z", "datePublished": "2026-04-01T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-01T16:27:46.301Z"}, "descriptions": [{"lang": "en", "value": "pandas-ai v3.0.0 was discovered to contain a SQL injection vulnerability via the pandasai.agent.base._execute_sql_query component."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/sinaptik-ai/pandas-ai"}, {"url": "https://gist.github.com/CafeD1/21c32edbf1b63fd88a79c290ed2a8059"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-89", "lang": "en", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-04-01T18:18:48.301661Z", "id": "CVE-2026-30273", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-01T18:19:20.151Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-30273", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-01T18:18:48.301661Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-01T18:17:36.736Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://github.com/sinaptik-ai/pandas-ai"}, {"url": "https://gist.github.com/CafeD1/21c32edbf1b63fd88a79c290ed2a8059"}], "descriptions": [{"lang": "en", "value": "pandas-ai v3.0.0 was discovered to contain a SQL injection vulnerability via the pandasai.agent.base._execute_sql_query component."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-01T16:27:46.301Z"}}}, "cveMetadata": {"cveId": "CVE-2026-30273", "state": "PUBLISHED", "dateUpdated": "2026-04-01T18:19:20.151Z", "dateReserved": "2026-03-04T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-04-01T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gabrieleventuri:pandasai:*:*:*:*:*:python:*:*", "matchCriteriaId": "825B4264-493C-4247-AA15-AD830C6F6EFE", "versionEndIncluding": "3.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "pandas-ai v3.0.0 was discovered to contain a SQL injection vulnerability via the pandasai.agent.base._execute_sql_query component."}], "id": "CVE-2026-30273", "lastModified": "2026-04-06T20:43:46.890", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-04-01T17:28:38.733", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://gist.github.com/CafeD1/21c32edbf1b63fd88a79c290ed2a8059"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "https://github.com/sinaptik-ai/pandas-ai"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "3.0.0"}}], "enrichment": {"confidence": 90.0, "confidence_source": "inferred", "scores": [{"score": 90.0, "source": "inferred"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "pandas-ai", "vendor": "sinaptik-ai"}], "analysis": {"en": {"generated_at": "2026-04-07T02:14:28.153363+00:00", "value": {"mitigation_remediation": ["Upgrade pandasai to a patched version once it becomes available; if no patch is released, consider removing or disabling any functionality that forwards client\u2011supplied SQL to the _execute_sql_query method.", "Validate or sanitize all query strings before passing them to _execute_sql_query; use parameterized queries or an ORM to prevent injection.", "Monitor the pandasai GitHub repository and associated security advisories for updates or additional guidance."], "summary": {"action": "Assess Impact", "impact": "SQL Injection"}, "threat_synthesis": {"affected_systems": "The affected module is the pandasai library developed by Gabriele Eventuri, specifically version 3.0.0 for Python. Applications that import pandasai and expose the _execute_sql_query method to user\u2011provided data are at risk. Any system that relies on this library to run database queries could be compromised if it does not filter or treat input properly.", "description_and_impact": "pandas\u2011ai version 3.0.0 contains a flaw in the _execute_sql_query component that permits arbitrary SQL injection. By supplying a crafted query string, an attacker can modify the database command executed, which can lead to unauthorized reading, updating, or deleting of data. The vulnerability is a classic example of CWE-89, where unsanitized input is used to compose database queries.", "risk_and_exploitability": "The CVSS score of 7.3 indicates high severity, yet the EPSS score of less than 1% suggests that exploitation is currently unlikely. The vulnerability is not listed in the CISA KEV catalog. The likely attack vector is an attacker influencing the query string passed to _execute_sql_query, which is inferred from the description and is typical for web or service applications that accept user\u2011sourced SQL statements."}}}}, "created": "2026-04-02T07:51:24.897296+00:00", "updated": "2026-04-07T08:07:44.542004+00:00", "vendors": ["sinaptik-ai", "sinaptik-ai$PRODUCT$pandas-ai"]}