PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-10176 Aider-AI CVE debrief

Aider-AI Aider 0.86.3 is reported to contain a SQL injection weakness in its Code Generation Workflow component. The vulnerability is described as remotely exploitable, and an exploit has been made public, though the vendor has not yet responded to the early notification. The CVSS 4.0 vector indicates a network attack vector, low privileges required, no user interaction, and low impacts on confidentiality, integrity, and availability. The CNA-assigned weaknesses are CWE-74 (Improper Neutralization of Special Elements in Output Used by a Downstream Component, 'Injection') and CWE-89 (Improper Neutralization of Special Elements used in an SQL Command, 'SQL Injection').

Vendor
Aider-AI
Product
Aider
CVSS
LOW 2.1
CISA KEV
Not listed in stored evidence
Original CVE published
2026-05-31
Original CVE updated
2026-05-31
Advisory published
2026-05-31
Advisory updated
2026-05-31

Who should care

Organizations using Aider-AI Aider 0.86.3 in environments where the code generation workflow may interact with SQL databases, security teams tracking unpatched vulnerabilities with public exploits, and defenders monitoring AI-assisted development tools for injection weaknesses.

Technical summary

The vulnerability is reported in an unspecified function within the Code Generation Workflow component of Aider-AI Aider version 0.86.3. Successful manipulation can result in SQL injection. The attack vector is network-based, requires low privileges, and needs no user interaction. The exploit has been made public. The vendor was notified via GitHub issue prior to publication but has not responded. Because the record names neither the affected function nor the input path, the injection sink cannot be located from the stored evidence, and the vector values are the CNA's assessment rather than independently confirmed findings.

Defensive priority

low

Recommended defensive actions

  • Review Aider-AI Aider 0.86.3 deployments and restrict network access where possible pending vendor response
  • Monitor GitHub issue 5077 and the Aider-AI repository for vendor acknowledgment or patch release
  • Assess whether Aider's code generation workflow interacts with any SQL databases in your environment and apply input validation or parameterized query patterns as defense in depth
  • Track this CVE for status changes in NVD from 'Received' to 'Analyzed' for additional technical details
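The defense-in-depth item above (parameterized queries) and the concern about injection weaknesses in AI-assisted development tools are illustrated by the following added example. It is not Aider's code and does not reproduce the undisclosed affected function; it shows the generic CWE-89 pattern beside its parameterized form against a constructed in-memory SQLite table, plus a small `ast`-based review check that flags `.execute*()` calls receiving dynamically built strings, the kind of gate a team might run over assistant-generated code. All names (`lookup_vulnerable`, `lookup_safe`, `find_unparameterized_sql`, the sample data and payload) are this example's own.

```python
"""Added example for this debrief: the SQL-injection pattern behind the
CWE-89 classification, next to the parameterized form recommended as
defense in depth, and a review check for assistant-generated code.
Illustrative code only; not Aider's, and not the advisory's affected function.
"""
import ast
import sqlite3


def make_db() -> sqlite3.Connection:
    # Constructed sample data standing in for any database a generated
    # workflow might touch.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "admin"), ("bob", "dev"), ("carol", "dev")],
    )
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, name: str) -> list[tuple]:
    # CWE-89: attacker-controlled text is spliced into the statement itself.
    query = f"SELECT name, role FROM users WHERE name = '{name}'"
    return conn.execute(query).fetchall()


def lookup_safe(conn: sqlite3.Connection, name: str) -> list[tuple]:
    # Parameter binding: the value travels separately from the SQL text, so
    # the same payload is compared as a literal string and matches nothing.
    return conn.execute(
        "SELECT name, role FROM users WHERE name = ?", (name,)
    ).fetchall()


_EXECUTE_METHODS = {"execute", "executemany", "executescript"}


def _is_dynamic_string(node: ast.AST) -> bool:
    # f-string, '%' formatting, str.format(), or '+' concatenation.
    # Coarse on purpose: constant '+' constant is also flagged for review.
    if isinstance(node, ast.JoinedStr):
        return True
    if isinstance(node, ast.BinOp) and isinstance(node.op, (ast.Mod, ast.Add)):
        return True
    return (
        isinstance(node, ast.Call)
        and isinstance(node.func, ast.Attribute)
        and node.func.attr == "format"
    )


def find_unparameterized_sql(source: str) -> list[int]:
    """Return line numbers where an .execute*() call receives a dynamically
    built first argument. A review gate for generated code, not a complete
    SQLi scanner: it does not follow strings assigned to variables earlier."""
    hits = []
    for node in ast.walk(ast.parse(source)):
        if (
            isinstance(node, ast.Call)
            and isinstance(node.func, ast.Attribute)
            and node.func.attr in _EXECUTE_METHODS
            and node.args
            and _is_dynamic_string(node.args[0])
        ):
            hits.append(node.lineno)
    return hits


# Constructed payload: closes the quoted literal and appends a tautology.
PAYLOAD = "x' OR '1'='1"

# Constructed stand-in for a snippet an assistant might emit: line 2 builds
# the query with an f-string, line 3 uses a bound parameter.
SAMPLE_GENERATED_CODE = (
    "def f(c, n):\n"
    "    c.execute(f\"SELECT * FROM t WHERE n = '{n}'\")\n"
    "    c.execute('SELECT * FROM t WHERE n = ?', (n,))\n"
)

if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", lookup_vulnerable(db, PAYLOAD))  # all three rows
    print("safe:", lookup_safe(db, PAYLOAD))              # []
    print("flagged lines:", find_unparameterized_sql(SAMPLE_GENERATED_CODE))  # [2]
```

The check deliberately stops at the call site: a query assembled into a variable and then executed passes unflagged, which is why it complements rather than replaces parameterized-query review. Until the affected function is disclosed, this pattern-level review is the most specific control the record supports.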

Evidence notes

The CVE record was published on 2026-05-31 with Vuldb as the CNA. The vulnerability status in NVD is 'Received', meaning NVD has not yet analyzed or enriched the record. References include the Aider-AI GitHub repository, issue #5077 (the early report to which the vendor has not responded), and multiple Vuldb pages including the CVE entry, submission record, vulnerability detail, and CTI page. The vendor field is marked low-confidence and needs review, with Vuldb identified as the reference domain candidate. No KEV entry appears in the stored evidence. The CVSS score of 2.1 reflects the limited impacts assessed by the CNA despite public exploit availability.
