{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-3431", "assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "state": "PUBLISHED", "assignerShortName": "tenable", "dateReserved": "2026-03-02T12:35:15.152Z", "datePublished": "2026-03-02T13:00:58.829Z", "dateUpdated": "2026-03-02T13:33:23.987Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "sim", "repo": "https://github.com/simstudioai/sim", "vendor": "SimStudioAI", "versions": [{"lessThan": "0.5.74", "status": "affected", "version": "0", "versionType": "custom"}]}], "datePublic": "2026-03-02T12:55:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "On SimStudio version below to 0.5.74, the MongoDB tool endpoints accept arbitrary connection parameters from the caller without authentication or host restrictions. An attacker can leverage these endpoints to connect to any reachable MongoDB instance and perform unauthorized operations including reading, modifying, and deleting data."}], "value": "On SimStudio version below to 0.5.74, the MongoDB tool endpoints accept arbitrary connection parameters from the caller without authentication or host restrictions. An attacker can leverage these endpoints to connect to any reachable MongoDB instance and perform unauthorized operations including reading, modifying, and deleting data."}], "impacts": [{"capecId": "CAPEC-665", "descriptions": [{"lang": "en", "value": "CAPEC-665 Exploitation of Thunderbolt Protection Flaws"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-862", "description": "CWE-862 Missing Authorization", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "shortName": "tenable", "dateUpdated": "2026-03-02T13:00:58.829Z"}, "references": [{"url": "https://www.tenable.com/security/research/tra-2026-12"}], "source": {"discovery": "UNKNOWN"}, "title": "Sim Studio AI - MongoDB SSRF and Arbitrary Document Deletion", "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-02T13:33:17.892002Z", "id": "CVE-2026-3431", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-02T13:33:23.987Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-3431", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-02T13:33:17.892002Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-02T13:33:20.459Z"}}], "cna": {"title": "Sim Studio AI - MongoDB SSRF and Arbitrary Document Deletion", "source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-665", "descriptions": [{"lang": "en", "value": "CAPEC-665 Exploitation of Thunderbolt Protection Flaws"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/simstudioai/sim", "vendor": "SimStudioAI", "product": "sim", "versions": [{"status": "affected", "version": "0", "lessThan": "0.5.74", "versionType": "custom"}], "defaultStatus": "unaffected"}], "datePublic": "2026-03-02T12:55:00.000Z", "references": [{"url": "https://www.tenable.com/security/research/tra-2026-12"}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "On SimStudio version below to 0.5.74, the MongoDB tool endpoints accept arbitrary connection parameters from the caller without authentication or host restrictions. An attacker can leverage these endpoints to connect to any reachable MongoDB instance and perform unauthorized operations including reading, modifying, and deleting data.", "supportingMedia": [{"type": "text/html", "value": "On SimStudio version below to 0.5.74, the MongoDB tool endpoints accept arbitrary connection parameters from the caller without authentication or host restrictions. An attacker can leverage these endpoints to connect to any reachable MongoDB instance and perform unauthorized operations including reading, modifying, and deleting data.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "shortName": "tenable", "dateUpdated": "2026-03-02T13:00:58.829Z"}}}, "cveMetadata": {"cveId": "CVE-2026-3431", "state": "PUBLISHED", "dateUpdated": "2026-03-02T13:33:23.987Z", "dateReserved": "2026-03-02T12:35:15.152Z", "assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be", "datePublished": "2026-03-02T13:00:58.829Z", "assignerShortName": "tenable"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sim:sim:*:*:*:*:*:*:*:*", "matchCriteriaId": "290F2E37-EB57-4D7D-99A8-A944174F757E", "versionEndExcluding": "0.5.74", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "On SimStudio version below to 0.5.74, the MongoDB tool endpoints accept arbitrary connection parameters from the caller without authentication or host restrictions. An attacker can leverage these endpoints to connect to any reachable MongoDB instance and perform unauthorized operations including reading, modifying, and deleting data."}, {"lang": "es", "value": "En la versi\u00f3n de SimStudio inferior a 0.5.74, los puntos finales de la herramienta MongoDB aceptan par\u00e1metros de conexi\u00f3n arbitrarios del llamador sin autenticaci\u00f3n o restricciones de host. Un atacante puede aprovechar estos puntos finales para conectarse a cualquier instancia de MongoDB accesible y realizar operaciones no autorizadas, incluyendo la lectura, modificaci\u00f3n y eliminaci\u00f3n de datos."}], "id": "CVE-2026-3431", "lastModified": "2026-03-06T20:30:24.963", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "vulnreport@tenable.com", "type": "Secondary"}]}, "published": "2026-03-02T13:16:05.197", "references": [{"source": "vulnreport@tenable.com", "tags": ["Third Party Advisory"], "url": "https://www.tenable.com/security/research/tra-2026-12"}], "sourceIdentifier": "vulnreport@tenable.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "vulnreport@tenable.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,0.5.74)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "sim", "source": "cna", "vendor": "SimStudioAI"}, "product": "sim", "vendor": "simstudioai"}], "created": "2026-03-03T08:45:14.552583+00:00", "updated": "2026-03-03T08:45:14.552653+00:00", "vendors": ["simstudioai", "simstudioai$PRODUCT$sim"]}