CVE-2026-46373: SQLFluff DoS Vulnerability – Resource Exhaustion via Nested Queries
SQLFluff, a popular SQL linter and code formatter, contains a denial-of-service vulnerability in versions before 4.1.0. An attacker who can submit SQL queries to an application using SQLFluff's parser can craft a specially nested query to exhaust system resources, causing the application to become unresponsive or crash. This affects any deployment where untrusted users have the ability to lint arbitrary SQL code.
Source data · NVD / CISA · public domain
- CVSS
- 3.1 · 7.5 HIGH · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Weaknesses (CWE)
- CWE-674
- Affected products
- 1 configuration(s)
- Published / Modified
- 2026-06-09 / 2026-06-17
NVD description (verbatim)
SQLFluff is a modular SQL linter and auto-formatter with support for multiple dialects and templated code. Prior to version 4.1.0, in deployments where untrusted users can provide SQL queries to be linted, an untrusted user can submit a malicious query with deliberate excessive nesting to any application using the parser to trigger a Denial of Service through resource exhaustion. This issue has been patched in version 4.1.0.
1 reference(s) · View on NVD →
SEC.co analysis · AI-assisted, reviewed against source
Technical summary
CVE-2026-46373 is a resource exhaustion vulnerability in SQLFluff's SQL parser triggered by deeply nested query structures. The vulnerability stems from inadequate handling of recursive parsing operations, allowing crafted input to consume excessive CPU and memory. The attack requires no authentication or user interaction, making it trivially exploitable in multi-tenant or user-facing SQL analysis platforms. SQLFluff versions prior to 4.1.0 are vulnerable; version 4.1.0 includes fixes for parser recursion limits and resource consumption.
Business impact
Organizations using SQLFluff to validate or lint user-supplied SQL queries face service disruption risks. SaaS platforms offering SQL formatting or linting as a feature, internal analytics tools, and CI/CD pipelines that accept arbitrary SQL are at risk of availability outages. The impact is limited to denial of service—no data breach or code execution occurs—but service unavailability can disrupt workflows and erode user trust. Organizations with strict uptime requirements should prioritize patching.
Affected systems
SQLFluff versions before 4.1.0 are vulnerable. This includes both direct SQLFluff installations and any application or service that embeds or depends on affected SQLFluff versions. Risk is highest in scenarios where the parser processes untrusted SQL input: web-based SQL formatters, linting-as-a-service offerings, multi-tenant analytics platforms, and automated CI/CD linting systems that accept user-contributed queries.
Exploitability
Exploitability is high. The attack requires only the ability to submit a SQL query to an affected system—no credentials, no user interaction, and no complex setup. A single crafted query with excessive nesting can trigger denial of service. Exploitation difficulty is low; an attacker needs only to understand basic SQL syntax and nesting mechanics. This makes the vulnerability practically exploitable by anyone with network access to a vulnerable application.
Remediation
Upgrade SQLFluff to version 4.1.0 or later. This update addresses parser resource limits and prevents excessive recursion from malicious input. For applications that cannot immediately patch, implement input validation and query complexity limits at the application level—for example, rejecting queries exceeding a reasonable nesting depth threshold or enforcing query size limits before passing them to the parser. Run-time resource limits (e.g., memory caps, CPU timeouts) can mitigate impact but do not eliminate the vulnerability.
Patch guidance
Verify your SQLFluff installation version using `sqlfluff --version`. Update to version 4.1.0 or later via your package manager (e.g., `pip install --upgrade sqlfluff` for Python environments). Test the patched version in a staging environment with existing SQL linting workflows to ensure compatibility. If you embed SQLFluff as a library, update your dependency declaration and rebuild/redeploy applications. Consult the official SQLFluff release notes to confirm patching has completed and no related regressions were introduced.
Detection guidance
Monitor for signs of parser-related resource exhaustion: CPU spikes correlated with SQL linting requests, memory growth that does not stabilize, and timeout errors in linting logs. Inspect application logs for queries with unusual nesting depth or excessively long query structures submitted shortly before resource exhaustion events. Network-based detection is limited; focus on application-level monitoring. If deploying SQLFluff behind a web service, track request latency and failure rates for linting endpoints. Implement request size and complexity limits and log rejections for forensic review.
Why prioritize this
Despite the 7.5 CVSS score, this vulnerability should be prioritized based on deployment context. If your organization exposes SQL linting to untrusted users or the internet, patch immediately—exploitability is trivial and impact is certain. Internal-only SQL linting deployments are lower priority but should still be addressed in a regular maintenance window. The lack of KEV status indicates this has not yet been widely exploited in the wild, providing a window to patch before attacker tooling matures.
Risk score, explained
The CVSS 3.1 score of 7.5 (HIGH) reflects high exploitability (network-accessible, no auth, no user interaction) balanced against impact limited to availability (no confidentiality or integrity loss). The score accurately captures the practical threat level for most organizations, but business context matters: a SaaS SQL formatter faces higher risk than an internal tool with restricted access. Organizations in regulated industries with strict availability mandates should treat this as critical.
Frequently asked questions
Do we need to patch if SQLFluff is only used in internal, trusted environments?
Risk is substantially lower in closed environments with trusted users, but patching remains advisable. Insider threats, compromised developer accounts, or misconfigured access controls could still expose the vulnerability. Weigh patching effort against your organization's risk tolerance and update schedule.
Can we mitigate this without patching?
Partial mitigation is possible: implement application-level query validation to reject deeply nested queries before passing them to SQLFluff, enforce query size limits, and apply resource quotas (CPU/memory caps) to linting processes. However, these are workarounds, not fixes. Patching is the proper remediation.
Is there exploit code or proof-of-concept publicly available?
As of the publication date, this vulnerability has not been assigned KEV status and exploitation in the wild is not documented. However, the attack is straightforward to understand—any attacker with basic SQL knowledge can craft a nested query to test exploitability. Do not assume public PoC is required; assume the vulnerability is exploitable.
Which applications or platforms are most affected?
Any service that accepts user-submitted SQL for linting or formatting is at risk. Examples include web-based SQL formatters, IDE plugins that call SQLFluff remotely, SaaS analytics platforms, and CI/CD tools. Check your dependency trees and application code to identify SQLFluff usage, especially in user-facing features.
This analysis is provided for informational purposes and reflects the vulnerability details as of the publication and modification dates listed. Patch version numbers and remediation guidance reference the official SQLFluff advisory; verify against the vendor's official release notes before deploying patches. No guarantee is made regarding the completeness or real-time accuracy of this information. Organizations should conduct their own risk assessment based on their specific deployment and threat model. Source: NVD (public-domain), retrieved 2026-07-19. Analysis generated by SEC.co (claude-haiku-4-5).
Related vulnerabilities
- CVE-2026-46149HIGHLinux Kernel SCSI Target Memory Disclosure & DoS Vulnerability
- CVE-2026-49847HIGHFreeSWITCH WebSocket JSON Denial-of-Service (Stack Overflow)
- CVE-2026-49941HIGHNet::CIDR::Set Infinite Recursion Denial of Service
- CVE-2026-9740HIGHMongoDB BSON Validation Denial of Service (Unauthenticated)
- CVE-2026-40989MEDIUMSpring Cloud Function Infinite Recursion OOM Vulnerability
- CVE-2026-44740MEDIUMBilly Go Library Denial-of-Service via Input Validation Flaws
- CVE-2026-47306MEDIUMrlottie Uncontrolled Recursion Denial-of-Service Vulnerability
- CVE-2026-47320MEDIUMrlottie Memory Safety Vulnerability – Uninitialized Pointer & Recursion Flaw