LOW
zhongyu09
CVE published 2026-04-05
CVE-2026-5586
CVE-2026-5586 describes a SQL injection weakness in zhongyu09 openchatbi up to version 0.2.1, affecting an unknown function in the Multi-stage Text2SQL Workflow. The issue is reported as remotely exploitable through manipulation of the keywords argument, and the exploit has been publicly disclosed. NVD currently marks the vulnerability status as Deferred.