CVE-2026-4229 MEDIUM

CVE-2026-4229: vanna-ai vanna bigquery_vector.py remove_training_data sql injection

Vendor Vanna-Ai

Product vanna

Weakness CWE-89 · SQLi

Published March 16, 2026

Last update March 16, 2026

View on NVD All CVEs

CVSS base score

6.9/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

What the vulnerability does

01Description

A flaw has been found in vanna-ai vanna up to 2.0.2. This impacts the function remove_training_data of the file src/vanna/legacy/google/bigquery_vector.py. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Key dates

02Disclosure timeline

March 16, 2026 CVE published

March 16, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2026-4229

Related vulnerabilities

Identifiers

CVE CVE-2026-4229

CWE CWE-89

CVSS 6.9 / MEDIUM

Affected versions

Vendor Vanna-Ai

Product vanna

Affected 2.0.0

Vendor Vanna-Ai

Product vanna

Affected 2.0.1

Vendor Vanna-Ai

Product vanna

Affected 2.0.2

CVE-2026-4229: vanna-ai vanna bigquery_vector.py remove_training_data sql injection

01Description

02Disclosure timeline

03References

04Related CVE