CVE-2026-33442

HIGH

8.1

Descricao

Kysely is a type-safe TypeScript SQL query builder. In versions 0.28.12 and 0.28.13, the `sanitizeStringLiteral` method in Kysely's query compiler escapes single quotes (`'` → `''`) but does not escape backslashes. On MySQL with the default `BACKSLASH_ESCAPES` SQL mode, an attacker can inject a backslash before a single quote to neutralize the escaping, breaking out of the JSON path string literal and injecting arbitrary SQL. Version 0.28.14 fixes the issue.

Detalhes CVE

Pontuacao CVSS v3.18.1

SeveridadeHIGH

Vetor CVSSCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Vetor de ataqueNETWORK

ComplexidadeHIGH

Privilegios necessariosNONE

Interacao do usuarioNONE

Publicado3/26/2026

Ultima modificacao3/31/2026

Fontenvd

Avistamentos honeypot0

Produtos afetados

kysely:kysely

Fraquezas (CWE)

CWE-89

Referencias

https://github.com/kysely-org/kysely/security/advisories/GHSA-fr9j-6mvq-frcv(security-advisories@github.com)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.