Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
CVE-2026-34825 is a low severity vulnerability with a CVSS score of 0.0. No known exploits currently, and patches are available.
Very low probability of exploitation
EPSS predicts the probability of exploitation in the next 30 days based on real-world threat data, complementing CVSS severity scores with actual risk assessment.
NocoBase <= 2.0.8 plugin-workflow-sql substitutes template variables directly into raw SQL strings via getParsedValue() without parameterization or escaping. Any user who triggers a workflow containing a SQL node with template variables from user-controlled data can inject arbitrary SQL.
The SQLInstruction in packages/plugins/@nocobase/plugin-workflow-sql/src/server/SQLInstruction.ts line 28 processes SQL templates:
// SQLInstruction.ts:28
const sql = processor.getParsedValue(node.config.sql || '', node.id).trim();
Then executes the resulting string directly:
// SQLInstruction.ts:35
const [result] = await collectionManager.db.sequelize.query(sql, {
transaction: this.workflow.useDataSourceTransaction(dataSourceName, processor.transaction),
});
getParsedValue() performs simple string substitution of {{$context.data.fieldName}} placeholders with values from the workflow trigger data. No escaping, quoting, or parameterized binding is applied.
When an admin creates a SQL node with a template like:
SELECT * FROM users WHERE nickname = '{{$context.data.nickname}}'
Any user who triggers the workflow with a crafted value can break out of the string literal and inject arbitrary SQL.
users table (mode: after create)SELECT id, nickname, email FROM users WHERE nickname = '{{$context.data.nickname}}'
' UNION SELECT 1,version(),current_user --[
{
"id": 1,
"nickname": "PostgreSQL 16.13 (Debian 16.13-1.pgdg13+1) on x86_64-pc-linux-gnu...",
"email": "nocobase"
}
]
The injected UNION SELECT returned the database version and current database user.
Full database read/write access through SQL injection. An attacker who can trigger a workflow with a SQL node containing template variables from user-controlled data can extract credentials, modify records, or drop tables. The severity depends on the database user's privileges (full superuser access in the default Docker deployment).
Use parameterized queries. Replace direct string substitution with Sequelize bind parameters:
// SQLInstruction.ts
- const sql = processor.getParsedValue(node.config.sql || '', node.id).trim();
+ const { sql, bind } = processor.getParsedValueAsParams(node.config.sql || '', node.id);
const [result] = await collectionManager.db.sequelize.query(sql, {
+ bind,
transaction: ...
});
Please cite this page when referencing data from Strobes VI. Proper attribution helps support our vulnerability intelligence research.