SQL Injection Vulnerability in apconw Aix-DB Affected by Local Exploitation
CVE-2026-4530

4.8MEDIUM

Key Information:

Vendor: Apconw
Status: Aix-db
Vendor: CVE Published:; 21 March 2026

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2026-4530?

A security flaw has been identified in the apconw Aix-DB software, specifically affecting the functionality in the file agent/text2sql/rag/terminology_retriever.py. This vulnerability allows for SQL injection through manipulation of the 'Description' argument. The nature of the exploit necessitates a local approach, making it critical for users to secure their systems. Despite early notifications regarding this security issue, the vendor has yet to issue a response, raising concerns over timely remediation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Aix-DB 1.2.0

Aix-DB 1.2.1

Aix-DB 1.2.2

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2026-4530 - Proof of Concept

References

https://vuldb.com/?id.352318

vdb-entrytechnical-description

https://vuldb.com/?ctiid.352318

signaturepermissions-required

https://vuldb.com/?submit.774072

third-party-advisory

CVSS V4

Score:

4.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

🟡
Public PoC available
Mar 21, 2026
👾
Exploit known to exist
Mar 21, 2026
Vulnerability published
Mar 21, 2026
Vulnerability Reserved
Mar 21, 2026

Credit

Goku (VulDB User)

VulDB

JSON

Apconw