Vanna-ai Vanna
8 CVEs affecting Vanna-ai Vanna. Latest disclosed: 2026-04-25. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-6977 | High | 7.3 | 2026-04-25 | A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. The affected element is an unknown function of the component Legacy Flask API. The ma… |
CVE-2026-5320 | High | 7.3 | 2026-04-02 | A vulnerability was detected in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is an unknown functionality of the file /api/vanna/v2/ of the compon… |
CVE-2026-4231 | High | 7.3 | 2026-03-16 | A vulnerability was found in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is the function update_sql/run_sql of the file src/vanna/legacy/flask/_… |
CVE-2026-4229 | High | 7.3 | 2026-03-16 | A flaw has been found in vanna-ai vanna up to 2.0.2. This impacts the function remove_training_data of the file src/vanna/legacy/google/bigquery_vector.py. Thi… |
CVE-2026-4513 | Medium | 6.3 | 2026-03-21 | A vulnerability was detected in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is the function ask of the file vanna\legacy\base\base.py. Performin… |
CVE-2026-4511 | Medium | 6.3 | 2026-03-21 | A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. Affected is the function exec of the file /src/vanna/legacy. Such manipulation leads… |
CVE-2026-4230 | Medium | 6.3 | 2026-03-16 | A vulnerability has been found in vanna-ai vanna up to 2.0.2. Affected is the function update_sql of the file src/vanna/legacy/flask/__init__.py of the compone… |
CVE-2026-5321 | Medium | 4.3 | 2026-04-02 | A flaw has been found in vanna-ai vanna up to 2.0.2. Affected by this issue is some unknown functionality of the component FastAPI/Flask Server. Executing a ma… |