Medium severity6.3NVD Advisory· Published Mar 16, 2026· Updated Apr 29, 2026

CVE-2026-4173

Description

A flaw has been found in CodePhiliaX Chat2DB up to 0.3.7. This vulnerability affects the function exportTable/exportTableColumnComment/exportView/exportProcedure/exportTriggers/exportTrigger/updateProcedure of the file DMDBManage.java of the component Database Export Handler. This manipulation causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Multiple authenticated SQL injection vulnerabilities in Chat2DB ≤0.3.7 allow attackers to extract arbitrary metadata from DM databases via unsanitized parameters.

Root

Cause

The vulnerability is located in DMDBManage.java, where user-supplied parameters like schemaName and tableName are directly concatenated into SQL query templates using String.format(). The application fails to use parameterized queries or input validation, leading to SQL injection in functions such as exportTable, exportView, and exportProcedure [1].

Exploitation

An authenticated attacker can send crafted requests to the /api/rdb/database/export endpoint, injecting malicious SQL clauses into the schemaName or tableName parameters. The attack is remotely exploitable and does not require special privileges beyond authentication [1].

Impact

Successful exploitation allows an attacker to bypass schema isolation and read table structures, metadata, and sensitive data from other schemas on the same DM database instance. The exploit has been published, increasing the risk of active attacks [1].

Mitigation

The vendor was contacted but did not respond. As of the affected version ≤0.3.7, no official patch or workaround has been released. Users are advised to restrict access to the export endpoints and apply network-level controls until a fix is available [1].

References

Multiple Authenticated SQL Injection Vulnerabilities in Chat2DB

AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

CodePhiliaX/Chat2DBllm-create
Range: <=0.3.7

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/AnalogyC0de/public_exp/issues/21nvd
vuldb.comnvd
vuldb.comnvd
vuldb.comnvd

News mentions

No linked articles in our index yet.

Severity

MediumCVSS v3.1

6.3/ 10

CVSS v42.1

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack vector: Network
Complexity: Low
Privileges: Low
User interaction: None
Scope: Unchanged
Confidentiality: Low
Integrity: Low
Availability: Low

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

EPSS

Probability of exploitation in the next 30 days.

0.03%

VYPR risk score

Composite of severity, exploitation, and reach.

0.41medium

cvss	0.410
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000

Weaknesses

CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVE ID

CVE-2026-4173

Credits

A(
Ana10gy (VulDB User)
reporter
V
VulDB
coordinator