A vulnerability described as critical has been identified in SchemaHero 0.23.0 . This issue affects the function mysqlColumnAsInsert in the library plugins/mysql/lib/column.go of the component Parameter Handler . Executing a manipulation of the argument column can lead to sql injection. This vulnerability is handled as CVE-2026-33643 . The attack can be executed remotely. There is not any exploit available.