CVE-2026-30860

CVE-2026-30860 is a remote code execution (RCE) vulnerability in WeKnora, an LLM-powered framework for deep document understanding and semantic retrieval. The issue affects versions prior to 0.2.12 and resides in the application's database query functionality, which relies on PostgreSQL. The validation system does not recursively inspect child nodes within PostgreSQL array expressions and row expressions, enabling attackers to bypass SQL injection protections (CWE-89). This allows smuggling of dangerous PostgreSQL functions, chained with large object operations and library loading capabilities, resulting in arbitrary code execution on the database server under database user privileges. The vulnerability carries a CVSS v3.1 base score of 9.9 (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).

An attacker with low privileges required (per CVSS) can exploit this vulnerability remotely over the network with low complexity and no user interaction. Although described as exploitable by unauthenticated attackers, the scenario involves crafting malicious inputs to the database query endpoint that evade validation, smuggling payloads within array or row expressions. Successful exploitation grants RCE on the PostgreSQL database server, executing arbitrary code with the privileges of the database user running the WeKnora application.

The GitHub Security Advisory (GHSA-8w32-6mrw-q5wv) at https://github.com/Tencent/WeKnora/security/advisories/GHSA-8w32-6mrw-q5wv confirms the issue and states it has been patched in WeKnora version 0.2.12. Security practitioners should upgrade to version 0.2.12 or later to mitigate the vulnerability.

WeKnora's use of large language models for semantic retrieval highlights its relevance to AI/ML deployments, where document processing pipelines may inadvertently expose high-severity database flaws. No real-world exploitation has been reported in available data.