CVE-2026-32950 | Dataease SQLBot up to 1.6.x uploadExcel sql injection (GHSA-7hww-8rj5-7rmm)
A vulnerability categorized as critical has been discovered in Dataease SQLBot up to 1.6.x. This vulnerability affects unknown code of the file /api/v1/datasource/uploadExcel. Executing a manipulation can lead to sql injection.
This vulnerability is tracked as CVE-2026-32950. The attack can be launched remotely. No exploit exists.
It is advisable to upgrade the affected component.