This release includes 4 security fixes for security teams reviewing exposed deployments.
ReleasePort's take
Moderate signal: The release patches CVE-2026-50006 and CVE-2026-47253 by adding sandboxing to Anyquery servers, and it fixes an AppleScript/JXA code-injection flaw in macOS browser and reminders plugins.
Why it matters: Patching these two high‑severity vulnerabilities (CVE scores implied by severity 95) prevents remote code execution on any query server and stops malicious script injection in macOS plugins; immediate action is required for affected deployments.
Summary
AI summary: Updates https://anyquery.dev, https://anyquery.dev/images/release-header.png, and mysql across a mixed release.
Changes in this release
| Type | Severity | Summary | CVE |
|---|---|---|---|
| Security | Critical | Patch vulnerabilities CVE-2026-50006 and CVE-2026-47253 with sandboxing. | — |
| Security | Critical | Fix AppleScript/JXA code injection in macOS browser and reminders plugins. | — |
| Feature | Medium | Add Asana plugin for querying Asana data. | — |
| Feature | Medium | Enhance run command to accept direct arguments and limit clause. | — |
| Feature | Low | Add tool annotations for improved LLM understanding. | — |
| Dependency | Low | Update SQLean dependency to version 0.28.0. | — |
| Dependency | Low | Update system plugin dependencies. | — |
| Dependency | Low | Update plugins dependency to address vulnerability patch. | — |
| Bugfix | Medium | Escape MySQL column names with backticks to handle reserved keywords. | — |
| Bugfix | Low | Remove "replace" directive in go.mod to enable go install. | — |

Source for all rows: llm_adapter@2026-06-09. Confidence: high.
Full changelog
[!WARNING]
Vulnerabilities Patch
This release addresses the vulnerabilities CVE-2026-50006 and CVE-2026-47253.
Related to security advisories GHSA-j9rx-rppg-6hh4, GHSA-mf78-3rpf-r784, GHSA-hwrq-8wxh-q4xv and GHSA-xrcf-6jh3-ggvx.
Please update Anyquery as soon as possible.
What is Anyquery?
Anyquery is a query engine that allows you to query anything over SQL.
Whether it's a local CSV, a Google Sheet, your Apple notes, or your GitHub stars, you can query it with Anyquery.
It's built on top of SQLite, and you can use alternative languages like PRQL and PQL to query your data.
Get started at anyquery.dev
Changelog
- d4a3bb21f15ba51cb34ac57b341b9d09d8fda80f Add Arch Linux installation instructions via AUR
- 27f84fc168310455eaf81ec4ba87eed20298670c Add sandboxing to remediate CVE-2026-47253 and CVE-2026-50006
- 32b6ee945033c4c36c08d2e5805e7747da9da8cf Merge branch 'security/server-sandboxing' into 0.4.5-release
- 74b7c9d462325f7ca98e09922f2d216119fc3a78 Merge pull request #66 from ngtrnhao/add-arch-installation (AUR package installation docs)
- 66d5e684cd0a1a4086758aadaf3b22aee4e6e498 Merge pull request #67 from rickalee/fix/mysql-reserved-keyword-escaping
- cdcd194a079aaaf08d3346c7dcb12e016eda2504 Merge pull request #68 from bryankthompson/feat/add-tool-annotations
- 62820b6640f8b8a46eb4447faff6ff6c3403db7a feat: Add tool annotations for improved LLM tool understanding
- e8ab4f9f65da8bcdbeaa698d3e9834e4bef79404 fix(mysql): Escape column names with backticks to handle reserved keywords
- 00e8da36127527944e862a7f1bcc9151614788f0 ✨ Add Asana plugin
- cff1afccd94925121f544b7dddb8d2dee7f9ad4d ✨ Enhance run command capabilities Arguments can now be passed directly at the end of the command Users can supply a limit clause
- e726a185d26693c20e6c3b901e74e06907d68398 ⬆️ Update SQLean to 0.28.0
- 5a8fa1f993c463cf08f15d425c447cd3eb8c4c2a ⬆️ Update dependencies for the system plugin
- 0ebe896a1ce3635de4cdd548ce92b878cb405252 ⬆️ Update plugins dependency for vulnerability patch
- 75cae357523f78172fad04ac41163b41bcbb7ede 💄 Fix website issue with hub
- da45016c9e49d875a8b7e2fd094915c62ef9ec84 💄 Update website css to show alert banner on CVE plugins
- 81c1d25b34eaa3adec840281b4594c24c92eee22 📝 Add AUR installation instructions to website documentation
- f9ff8bdc2d98dd27572177786fcd38558864c2ea 📦️ Remove "replace" directive in go/mod to enable go install
- 5cd7d7c85844668899fd7c8ef37309c6db96dee2 🔀 Merge branch '0.4.5-release' (not final release)
- 33769e03bd4b0f76d7a20a4188cce7153f6db1c9 🔒️ Fix AppleScript/JXA code injection in macOS browser & reminders plugins
- 6685702648b11c492bb6133268344f808c340f9e 🔖 Change versions of plugins subjected to CVE-2026-47252
- 03afef09af34131a13b4ee5499b8d3c123f61de0 🥅 Add more meaningful error message
Security Fixes
- CVE-2026-50006 — sandboxing added to remediate vulnerability (GHSA-j9rx-rppg-6hh4)
- CVE-2026-47253 — sandboxing added to remediate vulnerability (GHSA-mf78-3rpf-r784)
- CVE-2026-47252 — plugin version changes applied (GHSA-hwrq-8wxh-q4xv)
- CVE‑unspecified — fixed AppleScript/JXA code injection in macOS browser & reminders plugins (GHSA-xrcf-6jh3-ggvx)
About julien040/anyquery
Query anything (GitHub, Notion, +40 more) with SQL and let LLMs (ChatGPT, Claude) connect to using MCP