CNNVD-202507-824 Information

CNNVD ID

CNNVD-202507-824

Related CVE

CVE-2025-7156

• CNNVD Published: 2025-07-08

Description (Chinese)

hitsz-ids airda是中国哈工大（深圳）数据安全研究院（hitsz-ids）开源的一个面向数据分析的多智能体。 hitsz-ids airda 0.0.3版本存在注入漏洞，该漏洞源于对文件/v1/chat/completions中参数question的错误操作导致SQL注入。

Description (English)

Hitsz-ids airda is an open source of data-oriented multi-intellectual body of the Hatsud (Shenzhen) Institute for Data Security in China. Version 0.0.3 of hitsz-ids airda has an injection loophole, resulting from an error in the Question of the parameters in the document/v1/chat/complements.

Hazard Level

High

Vulnerability Type

注入

Affected Vendor

哈工大（深圳）数据安全研究院

Published

2025-07-08

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.315094 https://vuldb.com/?id.315094 https://vuldb.com/?submit.606352 https://www.cnblogs.com/aibot/p/18956966