COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2026-60090

CVE-2026-60090

Severity
critical
Source
NVD · cve
Published
2026-07-11
CVSS
9.8
Reference
https://nvd.nist.gov/vuln/detail/CVE-2026-60090
shame 65/100 data-breachunpatchedexploited-in-wild

PraisonAI's vector store creation feature allows SQL/CQL injection via unvalidated dimension arguments, enabling database destruction.

PraisonAI versions prior to 4.6.78 fail to validate the dimension argument in create_collection(), allowing attackers to inject SQL/CQL commands that can drop tenant secrets and destroy databases. This flaw is critical (CVSS 9.8) and poses a severe risk to DIB organizations relying on PraisonAI for knowledge management, as it enables direct database compromise without requiring remote code execution or zero-day exploitation.

Shame score — A critical vulnerability in a widely used AI infrastructure component that allows database destruction via injection, indicating a failure to properly validate user inputs in a high-stakes environment.

Description

PraisonAI before 4.6.78 fails to validate the caller-controlled dimension argument in the PGVector and Cassandra knowledge-store create_collection() backends. Although schema, keyspace, and collection-name identifiers are validated, the dimension value (declared as int but not enforced at runtime) is interpolated directly into the vector column of the generated CREATE TABLE DDL. A caller able to influence collection-creation dimensions can pass a string such as '3); DROP TABLE tenant_secrets; --' to inject SQL/CQL tokens into the statement executed by the database driver.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.