CVE-2026-5587
Received Received - Intake
SQL Injection in wbbeyourself MAC-SQL Refiner Agent Allows Remote Exploitation

Publication date: 2026-04-05

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was identified in wbbeyourself MAC-SQL up to 31a9df5e0d520be4769be57a4b9022e5e34a14f4. This affects the function _execute_sql of the file core/agents.py of the component Refiner Agent. The manipulation leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-05
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2026-04-05
EPSS Evaluated
2026-06-14
NVD
CVE-2026-5587
EUVD
EUVD-2026-19119
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
wbbeyourself mac_sql to 31a9df5e0d520be4769be57a4b9022e5e34a14f4 (exc)
wbbeyourself mac-sql to 31a9df5e0d520be4769be57a4b9022e5e34a14f4 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-89 The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
CWE-74 The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-5587 is a vulnerability in the MAC-SQL framework, specifically in the Refiner agent's _execute_sql method. This method executes SQL statements generated by a large language model (LLM) without proper validation or sanitization. An attacker can exploit this by injecting malicious SQL through prompt injection, causing the system to run arbitrary and potentially harmful SQL queries.

A proof-of-concept shows that an attacker can inject a recursive Common Table Expression (CTE) that creates an infinite loop, which leads to excessive CPU and memory consumption, potentially crashing the server.

The core issue is the implicit trust in the LLM output without filtering, allowing execution of resource-intensive or dangerous SQL commands.

Impact Analysis

This vulnerability can lead to severe impacts including denial of service (DoS) by exhausting server CPU, memory, and I/O resources through execution of resource-intensive SQL queries.

It can cause service disruption or complete server crashes, affecting availability and reliability of the affected system.

Since the system executes unvalidated SQL generated by the LLM, it may also allow execution of other malicious SQL commands, potentially compromising data integrity or confidentiality.

Detection Guidance

This vulnerability can be detected by monitoring for execution of unusual or resource-intensive SQL queries, especially those involving recursive Common Table Expressions (CTEs) or other complex SQL constructs that cause high CPU and memory usage.

One way to detect exploitation attempts is to look for SQL queries similar to the proof-of-concept recursive query that causes infinite loops, such as:

  • WITH RECURSIVE infinite_loop(x) AS ( SELECT 1 UNION ALL SELECT x + 1 FROM infinite_loop ) SELECT x FROM infinite_loop;

You can use system monitoring commands to detect high CPU or memory usage by the process running MAC-SQL. For example, on Linux systems:

  • top or htop - to monitor CPU and memory usage in real-time.
  • ps aux --sort=-%cpu | head -n 10 - to identify processes consuming the most CPU.

Additionally, if you have access to logs or can enable query logging in MAC-SQL or the underlying SQLite database, review logs for suspicious or complex SQL statements.

Mitigation Strategies

Immediate mitigation steps include implementing strict SQL parsing and validation to allow only safe SQL statements, such as SELECT queries, while blocking dangerous operations like recursive CTEs and ATTACH DATABASE commands.

Additionally, enforce query complexity limits and reduce the maximum execution time to a shorter threshold (for example, 5 seconds) to prevent resource exhaustion and denial of service.

Avoid directly executing SQL statements generated by the language model without proper sanitization or validation.

Compliance Impact

The vulnerability allows remote attackers to execute arbitrary and potentially malicious SQL queries without proper validation or sanitization, leading to possible service disruption or server crashes.

Such security weaknesses could impact compliance with standards like GDPR and HIPAA, which require protection of data integrity, availability, and confidentiality.

Specifically, denial of service or unauthorized data manipulation caused by this vulnerability may violate requirements for safeguarding personal or sensitive information under these regulations.

However, the provided information does not explicitly discuss compliance implications or specific regulatory impacts.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-5587. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart