CVE-2026-30860: Remote Code Execution via SQL Injection Bypass in Tencent WeKnora
Vulnerability ID: CVE-2026-30860
CVSS Score: 9.9
Published: 2026-03-06
CVE-2026-30860 is a critical remote code execution vulnerability in Tencent WeKnora prior to version 0.2.12. The flaw exists in the AI-driven database query tool, where incomplete Abstract Syntax Tree (AST) validation allows attackers to bypass SQL injection protections. By encapsulating malicious PostgreSQL functions within unhandled Array or Row expressions, an attacker can achieve arbitrary file read, arbitrary file write, and arbitrary code execution on the underlying database server.
TL;DR
A logic flaw in WeKnora's SQL AST validation (<0.2.12) fails to parse Array/Row expressions. This enables attackers to bypass security filters, smuggle malicious PostgreSQL functions, and achieve RCE on the database server.
⚠️ Exploit Status: POC
Technical Details
- CWE ID: CWE-89, CWE-627
- Attack Vector: Network
- CVSS v3.1: 9.9 (Critical)
- EPSS Score: 0.00077
- Impact: Arbitrary Code Execution
- Exploit Status: Proof of Concept Available
- KEV Status: Not Listed
Affected Systems
- Tencent WeKnora (< 0.2.12)
- PostgreSQL instances connected to vulnerable WeKnora deployments
WeKnora: < 0.2.12 (Fixed in: 0.2.12)
Code Analysis
Commit: 01d1aea
Implement comprehensive AST validation and deny-by-default logic for SQL nodes.
Commit: 90ebd49
Add table whitelisting to restrict queries to knowledge_bases, knowledges, and chunks tables.
Mitigation Strategies
- Upgrade application software
- Enforce least privilege for database service accounts
- Disable unused administrative application components
Remediation Steps:
- Upgrade Tencent WeKnora to version 0.2.12 or later to apply the comprehensive AST validation fix.
- Audit the PostgreSQL user account used by the application and revoke all execution permissions on administrative functions such as pg_read_file, pg_reload_conf, and lo_export.
- Ensure the database user is restricted to querying only the specific application tables (knowledge_bases, knowledges, chunks).
- If patching cannot be performed immediately, temporarily disable the database_query tool within the application interface.
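A PostgreSQL hardening script that applies the database-side remediation steps above (least-privilege role, table restriction, revoked administrative functions) with a verification query at the end. This is a constructed example added here, not code from the advisory or the WeKnora project; the role name weknora_app and database name weknora are assumed placeholders.

```sql
-- Constructed example: least-privilege role for the WeKnora database connection.
-- "weknora_app" and "weknora" are placeholder names; adjust to the deployment.
CREATE ROLE weknora_app LOGIN PASSWORD 'REPLACE_ME'
    NOSUPERUSER NOCREATEDB NOCREATEROLE;

-- Start from zero: drop any broad grants the role may have accumulated.
REVOKE ALL ON DATABASE weknora FROM weknora_app;
REVOKE ALL ON ALL TABLES IN SCHEMA public FROM weknora_app;
REVOKE ALL ON ALL FUNCTIONS IN SCHEMA public FROM weknora_app;

-- Only the three application tables named in the fix (commit 90ebd49) are reachable.
-- Add INSERT/UPDATE/DELETE only if this same role also serves the application's write path.
GRANT CONNECT ON DATABASE weknora TO weknora_app;
GRANT USAGE ON SCHEMA public TO weknora_app;
GRANT SELECT ON knowledge_bases, knowledges, chunks TO weknora_app;

-- Membership in these predefined roles widens server-side file access; remove it.
REVOKE pg_read_server_files, pg_write_server_files, pg_execute_server_program
    FROM weknora_app;

-- Explicitly deny the administrative functions listed in the advisory, every overload,
-- both from the role and from PUBLIC so nothing is inherited through PUBLIC.
REVOKE EXECUTE ON FUNCTION
    pg_read_file(text),
    pg_read_file(text, bigint, bigint),
    pg_read_file(text, bigint, bigint, boolean),
    pg_reload_conf(),
    lo_export(oid, text)
FROM weknora_app, PUBLIC;

-- Verification: every column should come back false for the application role.
SELECT
    has_function_privilege('weknora_app', 'pg_read_file(text)', 'EXECUTE')  AS can_read_file,
    has_function_privilege('weknora_app', 'pg_reload_conf()', 'EXECUTE')    AS can_reload_conf,
    has_function_privilege('weknora_app', 'lo_export(oid, text)', 'EXECUTE') AS can_lo_export,
    pg_has_role('weknora_app', 'pg_read_server_files', 'MEMBER')            AS reads_server_files,
    pg_has_role('weknora_app', 'pg_write_server_files', 'MEMBER')           AS writes_server_files;
```

Run the verification query again after any schema migration, since `GRANT ... ON ALL TABLES` or a later `GRANT EXECUTE` can silently reintroduce the privileges this script removes.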
References
Read the full report for CVE-2026-30860 on our website for more details including interactive diagrams and full exploit analysis.