Vulnerabilities

CVE-2025-15597 - Dataease SQLBot API Endpoint assistant.py access control

2026-03-02 0 views admin

CVE ID : CVE-2025-15597 Published : March 2, 2026, 6:16 a.m. | 54 minutes ago Description : A vulnerability has been found in Dataease SQLBot up to 1.4.0. This affects an unknown function of the file backend/apps/system/api/assistant.py of the component API Endpoint. Such manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.5.0 mitigates this issue. The name of the patch is d640ac31d1ce64ce90e06cf7081163915c9fc28c. Upgrading the affected component is recommended. Multiple endpoints are affected. The vendor was contacted early about this disclosure. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2025-15597

Published

March 2, 2026

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2025-15597

CVE-2025-15597 - Dataease SQLBot API Endpoint assistant.py access control

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2026-3411 - itsourcecode University Management System admin_single_student_update.php sql inj...

CVE-2026-2999 - Changing｜IDExpert Windows Logon Agent - Remote Code Execution

CVE-2026-3413 - itsourcecode University Management System admin_single_student.php sql injection

CVE-2026-3000 - Changing｜IDExpert Windows Logon Agent - Remote Code Execution

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting