HiddenMerit Daily · Issue 17


Focus on Database Frontiers, Practical Insights for DBAs
May 12, 2026 | 5 Selected Global Breaking News

01|CISA Formally Adds LiteLLM Vulnerability to Catalog, Warns of Active Exploitation

On May 8, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) formally added a critical pre‑authentication SQL injection vulnerability (CVE-2026-42208) in the BerriAI open‑source AI gateway LiteLLM to its Known Exploited Vulnerabilities Catalog, signalling that the severity has reached a level requiring immediate remediation by federal agencies. The vulnerability stems from the LiteLLM proxy's API key validation logic failing to parameterise user input, allowing attackers to bypass signature flows and read all cloud vendor and AI model API credentials stored in the database. The vulnerability was patched in version 1.83.7 on April 19.

The Sysdig threat research team reported active in‑the‑wild exploitation approximately 36 hours after public disclosure. Snyk and other security organisations noted that the core issue is that the database query construction mixes caller‑provided key values directly into the query text instead of passing them as separate parameters – a classic SQL injection mistake, now replicated at scale in AI infrastructure.

As a single point of entry connecting multiple LLM providers (OpenAI, Azure OpenAI, Anthropic, etc.), once LiteLLM is compromised, all of an enterprise's AI model access is exposed. The subsequently disclosed PraisonAI multi‑agent system vulnerability (CVE-2026-41496, CVSS 8.1), affecting nine database backends including MySQL and PostgreSQL, similarly concatenates unvalidated table prefix parameters into SQL strings, further amplifying industry concerns about AI middleware security.
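The query-construction flaw described above, together with the table-prefix variant, shown as an added example that is not LiteLLM's or PraisonAI's code. The table `gw_tokens`, its row, the function names and the input strings are constructed for illustration, using Python's built-in `sqlite3`.

```python
import re
import sqlite3

# Constructed schema and row for illustration; not the real tables of
# LiteLLM or PraisonAI.
def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE gw_tokens (token TEXT PRIMARY KEY, owner TEXT)")
    db.execute("INSERT INTO gw_tokens VALUES ('sk-constructed-0001', 'team-a')")
    return db

def lookup_concatenated(db, presented_key):
    # Flawed pattern: the caller's value becomes part of the SQL text,
    # so quote characters in it can change the structure of the query.
    sql = f"SELECT owner FROM gw_tokens WHERE token = '{presented_key}'"
    return db.execute(sql).fetchone()

def lookup_parameterised(db, presented_key):
    # Corrected pattern: the SQL text is constant and the value is bound
    # separately, so it can only ever be compared as data.
    sql = "SELECT owner FROM gw_tokens WHERE token = ?"
    return db.execute(sql, (presented_key,)).fetchone()

_PREFIX_RE = re.compile(r"[A-Za-z][A-Za-z0-9_]{0,30}")

def table_name(prefix, suffix="tokens"):
    # Identifiers cannot be bound as parameters, so a configurable table
    # prefix has to pass a strict pattern before it is placed in SQL.
    if not _PREFIX_RE.fullmatch(prefix):
        raise ValueError(f"rejected table prefix: {prefix!r}")
    return f'"{prefix}{suffix}"'

if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1'='1"  # constructed input containing a quote
    print("concatenated :", lookup_concatenated(db, crafted))
    print("parameterised:", lookup_parameterised(db, crafted))
    print("valid key    :", lookup_parameterised(db, "sk-constructed-0001"))
    print("table name   :", table_name("gw_"))
```

The concatenated lookup returns a row for an input that is not a stored key, while the parameterised lookup returns a row only for the exact stored value.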

· DBA Perspective: The LiteLLM vulnerability is fundamentally SQL injection in the AI middleware layer – all the traditional database access controls and intrusion detection capabilities are bypassed because the middleware operator is implicitly granted "superuser" query privileges on the database. Even if the data layer is hardened, the vulnerability still targets sensitive credentials stored in the backend. In high‑security environments, DBAs must work with DevSecOps teams to enforce a strict principle of least privilege, requiring AI gateways to use a read‑only segregated database and never touch production storage.
· CTO Perspective: CISA adding LiteLLM to its catalog is a landmark signal that enterprise governance must mandate regular AI middleware attack surface assessments. AI gateways have evolved from "cost‑saving tools" into "single‑point‑of‑failure amplifiers" in the security architecture. CTOs must use internal red teams to conduct routine penetration testing on AI gateways, monitor logs and API access patterns, and prepare for the cascading impact of large‑scale key leakage.
· Investor Perspective: CISA's inclusion of LiteLLM in its Known Exploited Vulnerabilities Catalog indicates that authorities have elevated AI infrastructure vulnerabilities to systemic threats. This will force enterprise customers to impose rigorous security reviews when selecting AI gateways, increasing the bargaining power of AI security vendors. Investors should continue to track startups focused on AI traffic auditing, API key lifecycle management, and AI model activity monitoring.

02|Alphabet/Google Cloud Strategy: Databases Become the Backbone of the AI Era

On May 7–9, the Google Cloud Next '26 annual conference took place in San Francisco and multiple locations worldwide. CEO Sundar Pichai emphasised that Gemini Enterprise’s paid monthly active users grew 40% quarter‑over‑quarter. Google Cloud CEO Thomas Kurian systematically demonstrated the full vertical integration of the AI stack, from TPU custom silicon and Gemini models to the application layer.

At the same time, Google Cloud officially released its enterprise‑ready MCP (Model Context Protocol) Toolbox, embedding databases (AlloyDB, BigQuery, Spanner) into AI agent workflows. It allows users to query underlying databases using natural language and supports multi‑modal retrieval combining relational, graph, vector, and full‑text search within a single platform. Kurian emphasised that Google Cloud is the only cloud vendor offering first‑party solutions at every layer while maintaining open connectivity to other infrastructure and data.

Google Cloud also launched its Cross‑Cloud Lakehouse based on the open Apache Iceberg table format, enabling direct querying of data stored in AWS S3, with Azure expansion planned for later this year. The three major cloud giants – AWS, Google, and Microsoft – have reached a rare consensus on Iceberg, marking the extension of trusted integrated data architecture from the public cloud to a multi‑cloud ecosystem.

· DBA Perspective: Seamless natural language access to databases signals a gradual diffusion of the DBA role – many simple queries will no longer land directly on frontline database operations staff. DBAs will transform into "built‑in access policy managers" for AI agents, focusing more on data privacy and permission governance than hand‑written SQL tuning. As engines optimise multi‑modal query latency, DBAs must prepare to audit subquery recursion paths for new vector queries at fine granularity.
· CTO Perspective: While Gemini paid monthly actives grew 40%, Google is embedding multi‑modal databases and cross‑cloud interoperability into its agent matrix, reflecting a new architectural philosophy where data management serves intelligent collaboration. Cross‑cloud querying will significantly reduce vendor lock‑in costs in multi‑cloud environments, giving CTOs more flexibility when selecting AI data infrastructure.
· Investor Perspective: The full release of the MCP Toolbox marks a natural‑language interaction advance between cross‑system agents and complex data formats. Core technology companies specialising in multi‑modal databases and AI‑native database engines are entering a second high‑growth phase. At the same time, the openness of the Iceberg ecosystem will stimulate startup opportunities in metadata services, data federation engines, and data governance.

03|Vastbase Plans Private Placement of Up to RMB 702M, Doubles Down on HTAP & Multi‑Modal Time‑Series Database

On the evening of May 11, Vastbase (603138.SH) announced a private placement of A‑shares to raise a total of no more than RMB 702 million (including issuance expenses). The net proceeds will fund two core projects: the next‑generation high‑performance hybrid transaction/analytical database construction project (RMB 489 million) and the multi‑modal time‑series database construction project (RMB 213 million).

Vastbase's self‑developed database, Vastbase, is a purely domestic relational database product with complete independent intellectual property rights. It has passed national security and reliability assessments and achieved large‑scale deployment in key industries such as government, finance, telecommunications, manufacturing, and energy.

· DBA Perspective: Gaps in hybrid workload and multi‑modal time‑series storage, data synchronisation, and query capabilities within Vastbase's customer base are likely to be filled in the coming years. DBAs should include Vastbase's new positive signals in early‑stage evaluations when selecting hybrid transaction processing and time‑series technology paths.
· CTO Perspective: The private placement's heavy focus on HTAP and multi‑modal time‑series databases indicates that Vastbase may soon deliver more flexible high‑performance cross‑domain data processing capabilities. CTOs can add Vastbase's upcoming product lines to their POC shortlists for multi‑modal selection.
· Investor Perspective: The RMB 702 million investment injects significant momentum into the HTAP and multi‑modal time‑series tracks, enhancing Vastbase's differentiated competitiveness in areas such as new‑generation computing centres, industrial IoT, and smart vehicles. The subscription enthusiasm and multiple from institutional investors will be key indicators of market confidence. However, it should be noted that Vastbase has recorded four consecutive years of losses and negative operating cash flow in Q1, so improved profitability after the placement is the core variable for valuation recovery.

04|Alibaba Cloud PolarDB Launches AI Data Lakehouse Lakebase: Lakehouse Integration Accelerates AI Adoption

At the recent 2026 PolarDB Developer Conference, Alibaba Cloud officially released Lakebase, an AI data lakehouse, along with a series of new product capabilities. Lakebase is built on open data lake specifications, combining the cost‑effectiveness of a data lake with the integrated capabilities of a data warehouse. Alibaba Cloud announced that PolarDB now has over 20,000 customers worldwide, with more than 3 million cores deployed across 86 availability zones globally. According to PolarDB, "Lakebase has begun grey‑scale invitation testing on the Alibaba Cloud official website, aiming to provide a cheaper, faster, and more efficient data lake system for machine learning and large language models."

The PolarDB conference also released previews of managed capabilities for AI agent application development and model operatorisation. The previously released DB‑GPT framework allows users to perform large‑model fine‑tuning and RAG experiments directly within the database.

· DBA Perspective: Lakebase will further ease the cost pressure of unified rapid analysis on massive accumulated data. Traditional DBAs spend significant time on full‑data format cleaning, movement, and storage tiering; Lakebase's lakehouse integration will gradually decouple these tasks. DBAs must simultaneously learn the table constraints and performance baselines that align with lakehouse integration and model operatorisation to ensure SLA compliance for diverse agent query workloads.
· CTO Perspective: The deployment scale of over 20,000 customers and 86 availability zones demonstrates PolarDB's differentiated value as a highly elastic AI‑enhanced data platform. Lakebase simplifies the movement of structured and unstructured data, significantly reducing the time to value for multi‑modal AI data governance.
· Investor Perspective: The Lakebase launch is a key product addition in Alibaba Cloud's strategy to solidify its leadership in intelligent data. It signals that Alibaba Cloud is seeking positive paid conversion through the intelligent upgrade of data infrastructure. Revenue data over the coming quarters is worth continuous tracking. Alibaba Cloud's dual AI evolution in both public cloud and on‑premises deployments will help it gain stronger pricing power in the hybrid data management space.

05|AWS Aurora Serverless V4 GA + DSQL Updates: Paving the Way for AI Agent Burst Workloads

On May 9, AWS announced the upgrade of Aurora Serverless to Platform Version 4. New capabilities significantly optimise elastic scaling: scaling speed during demand peaks improves by 45%, and database performance increases by up to 30% through better resource scheduling and workload‑aware scaling decisions. The design directly targets the burst workload characteristics of AI agents – allowing serverless clusters to scale to zero during idle periods to reduce costs, while rapidly spinning up during high‑concurrency agent collaboration.

Aurora DSQL also added support for JSON data types and optional compression, further accelerating semi‑structured data processing and ensuring seamless compatibility with native PostgreSQL tools. AWS also enhanced Aurora DSQL to support globally consistent financial transactions, replacing complex distributed architectures with a global database layer offering strong consistency and high availability across multiple regions.

· DBA Perspective: Aurora Serverless V4 sets a new industry benchmark for dynamic scaling in serverless databases. DBAs have long faced the dilemma of "provisioning large resources for peak bursts" versus "wasting resources on over‑provisioning". V4's elastic architecture brings capacity provisioning close to instant elasticity. After deployment, DBAs should prepare risk plans for precise scaling decisions during periods of fluctuating agent workflow data access patterns.
· CTO Perspective: A 45% improvement in peak scaling speed and 30% performance optimisation creates a clear ROI advantage for CTOs when selecting technologies for agent‑class applications. Aurora DSQL's JSON support makes the AWS platform more adaptable to the semi‑structured data needs of IoT and internet‑native applications.
· Investor Perspective: The combination of Aurora Serverless V4 and DSQL JSON support represents AWS's underlying investment in universally elastic infrastructure to increase the paid penetration rate of cloud AI data infrastructure commercialisation. Capital markets will continue to watch the contribution of serverless database product revenue growth to AWS's Q2 earnings.

📅 Recent Industry Conference Recap (May 6–12)

| Date | Event | Core Highlights |
| --- | --- | --- |
| May 6–7 | Global Data Week 2026 (Tech Week Shanghai) | Focused on AI agents, compute power, and data assets; built a core platform for international cooperation in Asia‑Pacific's data industry |
| Early May | Global Digital Cloud 2026 (China virtual) | Explored cloud‑native databases, multi‑modal convergence, and AI integration; dozens of industry leaders shared trends |
| May 7–9 | Google Cloud Next '26 (San Francisco & worldwide) | Gemini Enterprise paid monthly actives +40%; MCP Toolbox and cross‑cloud Iceberg lakehouse launched; AI infrastructure strategy fully upgraded |
| May 8–9 | Wiz ZeroDay.Cloud Security Conference (hybrid) | AI security tool Xint Code exposed 20‑year pgcrypto flaws, LiteLLM pre‑auth injection, and other high‑risk open‑source DB vulnerabilities, triggering global security community responses |
| May 8 | 2026 Mobile Cloud Conference (Suzhou) | Dameng DM9 demonstrated "five‑in‑one" architecture; 256‑node operator cluster became a standard for telecom industry domestic replacement |
| May 9 | 2026 China Economic Annual Observation & Xinhua Finance Global Ecosystem Partners Conference (Deqing, Zhejiang) | OceanBase CEO Yang Bing articulated the core need for multi‑modal data lake foundations in the AI era: "Building an open, real‑time, multi‑modal, hybrid data lake is the core problem for the technology foundation" |
| May 10 | 2026 China Petroleum & Petrochemical IT Exchange Conference (Beijing, May 13–15) | Theme: "Digital‑real integration, intelligent future"; DolphinDB to keynote on empowering full‑process digital transformation in the oil industry |
| May 10 | CISA adds LiteLLM vulnerability to KEV catalog; multiple security agencies assess AI middleware risks | Marked an industry‑wide upgrade in AI infrastructure supply chain security – government unification of monitoring triggers high‑spec enterprise AI security audits |
| May 11 | Vastbase announces private placement of up to RMB 702M | Funds next‑generation HTAP database and multi‑modal time‑series database projects; doubling down on HTAP and multi‑modal tracks |
| May 29 | Tencent Cloud "Database + AI" product launch (scheduled) | First complete presentation of Tencent Cloud's AI‑In‑Database strategy, including six core highlights: Agent "memory brain", database Agent tool suite, multi‑modal vector hybrid search, and cloud‑native architecture 2.0 |

📌 Issue Summary

| News | Core Keywords | DBA Actions | CTO/Decision‑Maker Focus | Investor Perspective |
| --- | --- | --- | --- | --- |
| CISA adds LiteLLM to KEV catalog | AI gateway pre‑auth injection, single‑point amplifier | Work with security teams to enforce least‑privilege access for AI middleware; keep it away from production storage | Make AI middleware attack surface assessment a mandatory regular exercise | Government raises AI infrastructure vulnerabilities to systemic threat; security vendor valuation logic becomes clearer |
| Google Cloud Next '26 strategy | Gemini paid MAU +40%, MCP Toolbox, full‑stack AI, cross‑cloud Iceberg lakehouse | Transition from hand‑tuning SQL to "built‑in access policy manager" for AI agents; build multi‑modal query tuning skills | Cross‑cloud queries reduce vendor lock‑in; multi‑modal data foundation energises agent platforms | Head cloud vendors drive AI infrastructure procurement; investment window opens for multi‑modal DB and data governance startups |
| Vastbase private placement (RMB 702M) | HTAP & time‑series shortfalls, large‑scale financing | Add Vastbase's HTAP and time‑series capabilities to shortlist for POC prioritisation | Vastbase may accelerate multi‑modal delivery, addressing hybrid workload gaps | Subscription uptake is a key value metric for Xinchuang‑focused investment window |
| Alibaba Cloud PolarDB Lakebase | Lakehouse integration, model operatorisation, model hosting | Plan lakehouse compute baselines to ensure SLA compliance for diverse agent queries | Lakebase dramatically shortens governance cycles for structured/unstructured AI workloads | Lakebase may drive higher AI product purchase conversion; PolarDB could see renewed paid growth in coming quarters |
| AWS Aurora Serverless V4 GA + DSQL JSON | 45% faster scaling, serverless elasticity, financial strong consistency | Prepare scaling contingency plans for agent workload volatility; use elastic architecture to boost resource efficiency | Elastic serverless enables on‑demand scaling, reducing frozen compute costs during AI peaks | Serverless database paid penetration rate is an important watch item in AWS's quarterly earnings |

HiddenMerit Team Production
Slogan: 绩优隐于内,金石启新程 | Hidden deep. Merit bold. Forge ahead.
