CVE-2026-7023
Description
A vulnerability was detected in ByteDance coze-studio up to 0.5.1. Affected by this vulnerability is the function ExecuteSQL of the file backend/domain/memory/database/service/database_impl.go of the component databaseTool. Performing a manipulation results in sql injection. The attack can be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
SQL injection in ByteDance coze-studio's ExecuteSQL allows unauthenticated attackers to execute arbitrary SQL queries via backtick and parenthesis bypasses.
Vulnerability Overview
CVE-2026-7023 is an SQL injection vulnerability in ByteDance coze-studio up to version 0.5.1. The flaw resides in the ExecuteSQL function within backend/domain/memory/database/service/database_impl.go. The software-defined Web Application Firewall (WAF) attempts to block dangerous SQL keywords by uppercasing queries and checking for substrings like INFORMATION_SCHEMA or MYSQL. (with the trailing dot). However, attackers can bypass this filter by using MySQL backticks (e.g., `mysql`.user), which after ToUpper() becomes `MYSQL`.USER and fails to match MYSQL. because the dot no longer directly follows the schema name. Additionally, parentheses can be used to disrupt regex extraction grouping, further evading validation [1].
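The filter weakness described in the overview, as an added Go example that is not coze-studio's code: naiveBlocked is a hypothetical reconstruction of the uppercase-and-substring check, and allowedOnly is one stricter alternative that unquotes schema qualifiers and compares them to an allowlist. The function names, the tenant_db schema and the sample query are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Assumed denylist, built from the two substrings named in the overview.
var denied = []string{"INFORMATION_SCHEMA", "MYSQL."}

// naiveBlocked mirrors the check as the overview describes it (hypothetical
// reconstruction): uppercase the raw query, then search for denied substrings.
func naiveBlocked(q string) bool {
	up := strings.ToUpper(q)
	for _, d := range denied {
		if strings.Contains(up, d) {
			return true
		}
	}
	return false
}

// qualifier matches the name in front of a dot, backtick-quoted or bare.
var qualifier = regexp.MustCompile("`([^`]+)`\\s*\\.|([A-Za-z_][A-Za-z0-9_$]*)\\s*\\.")

// schemasUsed returns every qualifier, unquoted and lowercased.
func schemasUsed(q string) []string {
	var out []string
	for _, m := range qualifier.FindAllStringSubmatch(q, -1) {
		out = append(out, strings.ToLower(m[1]+m[2]))
	}
	return out
}

// allowedOnly accepts a query only if each qualifier is on the allowlist.
func allowedOnly(q string, allow map[string]bool) bool {
	for _, s := range schemasUsed(q) {
		if !allow[s] {
			return false
		}
	}
	return true
}

func main() {
	q := "SELECT user FROM `mysql`.user" // constructed sample, from the overview's example
	fmt.Println(naiveBlocked(q), allowedOnly(q, map[string]bool{"tenant_db": true}))
}
```

The allowlist is deliberately strict, so table aliases used as qualifiers must be listed as well. Because the page reports that queries run as the root database user, a restricted database account remains the control that bounds what any accepted query can read.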
Exploitation
The attack can be initiated remotely without authentication. A prompt injector can craft a malicious SQL statement using these evasion techniques, tricking the application into executing arbitrary queries against the internal relational database [1]. The exploit has been publicly disclosed, increasing the risk of active exploitation.
Impact
Successful exploitation allows an attacker to execute uncontrolled SQL queries as the root database user. This enables unauthorized retrieval of sensitive assets, including TiDB/MySQL backend hashes and cross-tenant schema data, potentially leading to data breaches and privilege escalation [1].
Mitigation
As of the publication date, the vendor has not responded to disclosure reports, and no official patch or workaround is available. Users should consider isolating the affected service or applying network-level restrictions to mitigate exposure until a fix is provided [1].
AI Insight generated on May 18, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- cpe:2.3:a:coze:coze_studio:*:*:*:*:*:*:*:* (range: <=0.5.1)
- (no CPE) (range: <=0.5.1)
Patches
No patches discovered yet.
References
- gist.github.com/YLChen-007/272fe62967b42259ed767d109615030a (nvd: Exploit, Third Party Advisory)
- vuldb.com/submit/797644 (nvd: Exploit, Third Party Advisory, VDB Entry)
- vuldb.com/vuln/359602 (nvd: Third Party Advisory, VDB Entry)
- vuldb.com/vuln/359602/cti (nvd: Permissions Required)