PYSEC-2026-3073
Vulnerability from pysec - Published: 2026-07-13 15:19 - Updated: 2026-07-13 16:06Impact
The ajax_lookup endpoint in application.py bypasses the is_accessible() access control check that all other endpoints enforce.
If a developer restricts model access by overriding is_accessible(), an authenticated user can still query that model's data through the ajax_lookup endpoint — silently bypassing the restriction.
Affected endpoint:
GET /{identity}/ajax/lookup?name=<field>&term=<query>
All other endpoints enforce both checks:
| Endpoint | @login_required |
is_accessible() |
|---|---|---|
list |
✓ | ✓ |
create |
✓ | ✓ |
edit |
✓ | ✓ |
delete |
✓ | ✓ |
details |
✓ | ✓ |
export |
✓ | ✓ |
ajax_lookup (before fix) |
✗ | ✗ |
ajax_lookup (after fix) |
✓ | ✓ |
Note: before this fix, ajax_lookup also lacked the @login_required decorator — unauthenticated users could query it directly. That was addressed in #1035. This report covers the remaining gap: authenticated but unauthorized users.
Patches
Two changes were made to ajax_lookup:
- Replaced the hand-rolled authentication check added in #1035 with the standard
@login_requireddecorator used by all other endpoints. - Added the missing
is_accessible(request)check, raisingHTTP 403when it returnsFalse.
Workarounds
None. Developers relying on is_accessible() to restrict model visibility are exposed regardless of what other access controls are in place.
| Name | purl | sqladmin | pkg:pypi/sqladmin |
|---|
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "sqladmin",
"purl": "pkg:pypi/sqladmin"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.25.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": [
"0.0.0",
"0.1.0",
"0.1.1",
"0.1.10",
"0.1.11",
"0.1.12",
"0.1.2",
"0.1.3",
"0.1.4",
"0.1.5",
"0.1.6",
"0.1.7",
"0.1.8",
"0.1.9",
"0.10.0",
"0.10.1",
"0.10.2",
"0.10.3",
"0.11.0",
"0.12.0",
"0.13.0",
"0.14.0",
"0.14.1",
"0.15.0",
"0.15.1",
"0.15.2",
"0.16.0",
"0.16.1",
"0.17.0",
"0.18.0",
"0.19.0",
"0.2.0",
"0.2.1",
"0.20.0",
"0.20.1",
"0.21.0",
"0.22.0",
"0.23.0",
"0.24.0",
"0.25.0",
"0.3.0",
"0.4.0",
"0.5.0",
"0.6.0",
"0.6.1",
"0.7.0",
"0.8.0",
"0.9.0"
]
}
],
"aliases": [
"CVE-2026-46645",
"GHSA-54mc-gghv-4cfj"
],
"details": "### Impact\n\nThe `ajax_lookup` endpoint in `application.py` bypasses the `is_accessible()` access control check that all other endpoints enforce.\n\nIf a developer restricts model access by overriding `is_accessible()`, an authenticated user can still query that model\u0027s data through the `ajax_lookup` endpoint \u2014 silently bypassing the restriction.\n\n**Affected endpoint:**\n\n`GET /{identity}/ajax/lookup?name=\u003cfield\u003e\u0026term=\u003cquery\u003e`\n\n**All other endpoints enforce both checks:**\n\n| Endpoint | `@login_required` | `is_accessible()` |\n|---|---|---|\n| `list` | \u2713 | \u2713 |\n| `create` | \u2713 | \u2713 |\n| `edit` | \u2713 | \u2713 |\n| `delete` | \u2713 | \u2713 |\n| `details` | \u2713 | \u2713 |\n| `export` | \u2713 | \u2713 |\n| `ajax_lookup` (before fix) | \u2717 | \u2717 |\n| `ajax_lookup` (after fix) | \u2713 | \u2713 |\n\nNote: before this fix, `ajax_lookup` also lacked the `@login_required` decorator \u2014 unauthenticated users could query it directly. That was addressed in #1035. This report covers the remaining gap: authenticated but unauthorized users.\n\n### Patches\n\nTwo changes were made to `ajax_lookup`:\n\n1. Replaced the hand-rolled authentication check added in #1035 with the standard `@login_required` decorator used by all other endpoints.\n2. Added the missing `is_accessible(request)` check, raising `HTTP 403` when it returns `False`.\n\n### Workarounds\n\nNone. Developers relying on `is_accessible()` to restrict model visibility are exposed regardless of what other access controls are in place.",
"id": "PYSEC-2026-3073",
"modified": "2026-07-13T16:06:20.421514Z",
"published": "2026-07-13T15:19:11.118692Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/smithyhq/sqladmin/security/advisories/GHSA-54mc-gghv-4cfj"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46645"
},
{
"type": "WEB",
"url": "https://github.com/smithyhq/sqladmin/pull/1035"
},
{
"type": "WEB",
"url": "https://github.com/smithyhq/sqladmin/commit/b0d3a19fb9b074a9ed243de46930108375dfbb98"
},
{
"type": "PACKAGE",
"url": "https://github.com/smithyhq/sqladmin"
},
{
"type": "WEB",
"url": "https://github.com/smithyhq/sqladmin/releases/tag/0.25.1"
},
{
"type": "PACKAGE",
"url": "https://pypi.org/project/sqladmin"
},
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-54mc-gghv-4cfj"
}
],
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "SQLAdmin: Authorization Bypass on `ajax_lookup`"
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.