ГлавнаяУязвимости → CVE-2025-57792
10критическая

CVE-2025-57792

Описание

Explorance Blue versions prior to 8.14.9 contain a SQL injection vulnerability caused by insufficient validation of user input in a web application endpoint. An attacker can supply crafted input that is executed as part of backend database queries. The issue is exploitable without authentication, significantly raising the risk.

Затрагиваемое ПО
Explorance Blue
CVSS
Балл10 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Источники
https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2026/MNDT-2026-0001.mdhttps://online-help.explorance.com/blue/articles/security-advisories-(january-2026)https://online-help.explorance.com/blue/articles/security-advisory:-cve-2025-57792https://www.explorance.com/products/blue