Technical description
The Aix-DB application's '/llm/process_llm_out' endpoint, which is designed to receive processed LLM output and write it to the database, lacks the token validation that every other application endpoint enforces. Because the endpoint passes caller-supplied SQL to the database, unauthenticated clients can submit arbitrary SQL SELECT queries and read data directly from it. All releases up to and including version 1.2.4 are affected. CVSS 7.1 (High). Disclosed by CERT.pl on June 10, 2026.
Attack vector
Unauthenticated HTTP POST to the /llm/process_llm_out endpoint carrying a crafted SQL SELECT statement; no credentials or session token are required. The endpoint was designed to accept post-processed LLM output from the application's own pipeline and assumes every caller is internal, but it is exposed on the same network interface as the rest of the application, so the assumption does not hold.
Affected systems
Aix-DB versions ≤ 1.2.4; AI-augmented database applications built on the Aix-DB platform.
Mitigation
Apply token validation to the /llm/process_llm_out endpoint immediately, equivalent to the authentication controls on all other endpoints, and verify the fix by sending an unauthenticated request to the endpoint and confirming it is rejected rather than answered with query results. Until a patched release is deployed, restrict network access to the endpoint to the trusted internal callers that actually produce LLM output. Review database access and application logs for SELECT queries that reached this endpoint without a valid token, treating any such request from an unexpected source address as a likely data exposure.
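The following is an added example and not Aix-DB's own code; the project's real framework, handlers and log format are not published in this advisory, so the router, the bearer-token scheme, the /query and /healthz routes and the access-log lines below are all constructed for illustration. It shows the defect class behind this advisory (per-route, opt-in authentication where one route forgets the check), the deny-by-default dispatcher that prevents it, and a log review that flags unauthenticated SELECTs sent to /llm/process_llm_out.

```python
"""Added example, not Aix-DB code. Route names other than /llm/process_llm_out,
the token format, the handler bodies and the log format are assumptions."""
import hmac
import re
from dataclasses import dataclass, field

# Constructed secret for the example; a deployment would load it from config.
API_TOKEN = "example-token-not-a-real-secret"


@dataclass
class Request:
    path: str
    method: str = "POST"
    headers: dict = field(default_factory=dict)
    body: dict = field(default_factory=dict)


def token_ok(req: Request) -> bool:
    """Constant-time comparison of the bearer token against the configured value."""
    auth = req.headers.get("Authorization", "")
    if not auth.startswith("Bearer "):
        return False
    return hmac.compare_digest(auth[len("Bearer "):], API_TOKEN)


def process_llm_out(req: Request) -> tuple[int, str]:
    # Stand-in for the handler: it forwards caller-supplied SQL to the database
    # and contains no authentication of its own.
    return 200, f"executed: {req.body.get('sql')}"


# --- Vulnerable pattern: each handler must opt in to the token check ----------
def query_with_check(req: Request) -> tuple[int, str]:
    if not token_ok(req):  # this route remembered; /llm/process_llm_out did not
        return 401, "unauthorized"
    return process_llm_out(req)


VULNERABLE_ROUTES = {
    "/llm/process_llm_out": process_llm_out,  # no check: the advisory's defect
    "/query": query_with_check,               # hypothetical authenticated route
}


def dispatch_vulnerable(req: Request) -> tuple[int, str]:
    handler = VULNERABLE_ROUTES.get(req.path)
    return handler(req) if handler else (404, "not found")


# --- Hardened pattern: deny by default in the dispatcher ---------------------
# Authentication runs before any handler; a route is reachable without a token
# only if it is explicitly listed as public, so a new route cannot silently
# become an unauthenticated one.
PUBLIC_ROUTES = {"/healthz"}  # hypothetical unauthenticated route

HARDENED_ROUTES = {
    "/llm/process_llm_out": process_llm_out,  # same handler, now protected
    "/query": process_llm_out,
    "/healthz": lambda req: (200, "ok"),
}


def dispatch_hardened(req: Request) -> tuple[int, str]:
    handler = HARDENED_ROUTES.get(req.path)
    if handler is None:
        return 404, "not found"
    if req.path not in PUBLIC_ROUTES and not token_ok(req):
        return 401, "unauthorized"
    return handler(req)


# --- Log review: unauthenticated SELECTs that reached the endpoint -----------
# Constructed access-log lines in a hypothetical format:
#   <ip> <method> <path> <status> auth=<yes|no> sql="<statement>"
SAMPLE_LOG = """\
10.0.0.5 POST /llm/process_llm_out 200 auth=yes sql="INSERT INTO answers VALUES ('ok')"
203.0.113.7 POST /llm/process_llm_out 200 auth=no sql="SELECT username, password_hash FROM users"
10.0.0.5 POST /query 200 auth=yes sql="SELECT 1"
198.51.100.2 POST /llm/process_llm_out 200 auth=no sql="select * from api_keys"
"""

LOG_RE = re.compile(r'^(\S+) (\S+) (\S+) (\d{3}) auth=(yes|no) sql="(.*)"$')


def suspicious_requests(log_text: str) -> list[dict]:
    """Return SELECT statements that hit /llm/process_llm_out without a token."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        ip, _method, path, status, auth, sql = m.groups()
        if (path == "/llm/process_llm_out" and auth == "no"
                and sql.lstrip().upper().startswith("SELECT")):
            hits.append({"ip": ip, "status": int(status), "sql": sql})
    return hits


if __name__ == "__main__":
    anon = Request("/llm/process_llm_out", body={"sql": "SELECT * FROM users"})
    print("vulnerable:", dispatch_vulnerable(anon))  # runs the query, no token
    print("hardened:  ", dispatch_hardened(anon))    # 401 before the handler
    for hit in suspicious_requests(SAMPLE_LOG):
        print("review:", hit)
```

The structural point is the second dispatcher: the fix is not only adding the missing check to one handler but moving the check to a place where forgetting it is impossible, with public routes enumerated explicitly. The log filter matches on a SELECT prefix only; if the real logs record statements differently, widen the match rather than trusting that attackers wrote their queries in upper case.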