CVE-2026-32949 HIGH

CVE-2026-32949: SQLBot: SSRF to Arbitrary File Read (AFR) via Rogue MySQL

Vendor Dataease
Product SQLBot
Weakness CWE-918 · SSRF
Published March 20, 2026
Last update March 20, 2026
View on NVD All CVEs

CVSS base score

8.7/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

SQLBot is an intelligent data query system based on a large language model and RAG. Versions prior to 1.7.0 contain a Server-Side Request Forgery (SSRF) vulnerability that allows an attacker to retrieve arbitrary system and application files from the server. An attacker can exploit the /api/v1/datasource/check endpoint by configuring a forged MySQL data source with a malicious parameter extraJdbc="local_infile=1". When the SQLBot backend attempts to verify the connectivity of this data source, an attacker-controlled Rogue MySQL server issues a malicious LOAD DATA LOCAL INFILE command during the MySQL handshake. This forces the target server to read arbitrary files from its local filesystem (such as /etc/passwd or configuration files) and transmit the contents back to the attacker. This issue was fixed in version 1.7.0.

Key dates

02Disclosure timeline

March 20, 2026 CVE published
March 20, 2026 Record updated

Related vulnerabilities

04Related CVE

CVE-2025-62616 AutoGPT has SSRF vulnerability in SendDiscordFileBlock CVE-2024-51740 SSRF through arbitrary PHP class instantiation in the user portal in Combodo iTop CVE-2026-33237 AVideo has SSRF in Scheduler Plugin via callbackURL Missing `isSSRFSafeURL()` Validation CVE-2025-49984 WordPress PowerPress Podcasting plugin <= 11.13.11 - Server Side Request Forgery (SSRF) Vulnerability CVE-2024-52579 Server-Side Request Forgery vulnerability in various APIs in Misskey