CVE-2025-57792

Critical CVSS: 10.0

Explorance Blue versions prior to 8.14.9 contain a SQL injection vulnerability caused by insufficient validation of user input in a web application endpoint. An attacker can supply crafted input that is executed as part of backend database queries. The issue is exploitable without authentication, significantly raising the risk.

Vendor

Explorance

Product

Blue

CWE

CWE-89

Yayın Tarihi

2026-01-28 18:16:49

Güncelleme

2026-02-05 17:01:13

Source Identifier

mandiant-cve@google.com

KEV Date Added

Kategoriler

CWE-89 Blue CRITICAL Explorance 2026

Referanslar

https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2026/MNDT-2026-0001.md https://online-help.explorance.com/blue/articles/security-advisories-(january-2026) https://online-help.explorance.com/blue/articles/security-advisory:-cve-2025-57792 https://www.explorance.com/products/blue

Benzer Kayıtlar

High

CVE-2025-57793

Explorance Blue versions prior to 8.14.9 contain a SQL injection vulnerability caused by insufficient validation of user…

Critical

CVE-2025-57794

Explorance Blue versions prior to 8.14.9 contain an authenticated unrestricted file upload vulnerability in the administ…

Critical

CVE-2025-57795

Explorance Blue versions prior to 8.14.13 contain an authenticated remote file download vulnerability in a web service c…

Medium

CVE-2025-57796

Explorance Blue versions prior to 8.14.12 use reversible symmetric encryption with a hardcoded static key to protect sen…

Medium

CVE-2025-52344

Multiple Cross Site Scripting (XSS) vulnerabilities in input fields in Explorance Blue 8.1.2 allows attackers to inject…