CVE-2026-27005 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to version 4.8.3, an unauth…

High CVSS: 8.8

CVE-2026-27005

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to version 4.8.3, an unauthenticated attacker can inject arbitrary SQL into queries executed against databases connected to Chartbrew (MySQL, PostgreSQL). This allows reading, modifying, or deleting data in those databases depending on the database user's privileges. This issue has been patched in version 4.8.3.

Vendor

Product

CWE

Yayın Tarihi

2026-03-06 05:16:30

Güncelleme

2026-03-10 14:04:01

Source Identifier

security-advisories@github.com

KEV Date Added

-

Kategoriler

CWE-89 Chartbrew HIGH Depomo 2026

Referanslar

https://github.com/chartbrew/chartbrew/releases/tag/v4.8.3 https://github.com/chartbrew/chartbrew/security/advisories/GHSA-w5rh-v333-qq6c

Benzer Kayıtlar

Medium

CVE-2026-27605

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create c…

High

CVE-2026-27603

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create c…

High

CVE-2026-25887

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create c…

High

CVE-2026-25888

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create c…

Medium

CVE-2026-25877

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create c…