Cyber Resilience

CVE-2024-7764

High

Published: 20 March 2025

Published
20 March 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score v3 8.1 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS Score 0.0021 43.7th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-7764 is a high-severity SQL Injection (CWE-89) vulnerability. Its CVSS base score is 8.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Databases (T1213.006); ranked at the 43.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

This vulnerability is AI-related — categorised as NLP and Transformers; in the LLM/Generative AI Risks risk domain; MITRE ATLAS techniques in scope: LLM Prompt Injection (AML.T0051).

EU & UK References

Vulnerability details

Vanna-ai v0.6.2 is vulnerable to SQL Injection due to insufficient protection against injecting additional SQL commands from user requests. The vulnerability occurs when the `generate_sql` function calls `extract_sql` with the LLM response. An attacker can include a semi-colon between a…

more

search data field and their own command, causing the `extract_sql` function to remove all LLM generated SQL and execute the attacker's command if it passes the `is_sql_valid` function. This allows the execution of user-defined SQL beyond the expected boundaries, notably the trained schema.

CWE(s)

AI Security AnalysisAI

AI Category
NLP and Transformers
Risk Domain
LLM/Generative AI Risks
OWASP Top 10 for LLMs 2025
LLM01:2025 Prompt Injection
Classification Reason
Matched keywords: ai, llm

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1213.006 Databases Collection
Adversaries may leverage databases to mine valuable information.
Why these techniques?

The SQL injection vulnerability enables arbitrary SQL command execution on the backend database, facilitating unauthorized data collection from databases.

MITRE ATLAS TechniquesAI

MITRE ATLAS techniques

AML.T0051: LLM Prompt Injection

Affected Assets

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-89

Penetration testing uses SQL injection payloads against database interfaces, identifying and supporting fixes for SQL injection weaknesses.

addresses: CWE-89

Validates query inputs to prevent SQL syntax or command manipulation.

References