7 vulnerabilities classified as CWE-564 (SQL注入:Hibernate). AI Chinese analysis included.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-4594 | erupts erupt EruptJpaUtils.java geneEruptHqlOrderBy sql injection — erupt | 7.3 | High | 2026-03-23 |
| CVE-2026-4593 | erupts erupt MCP Tool EruptDataQuery.java EruptDataQuery sql injection — erupt | 6.3 | Medium | 2026-03-23 |
| CVE-2026-23959 | CoreShop Vulnerable to SQL Injection via Admin customer-company-modifier — CoreShop | 4.9AI | MediumAI | 2026-01-22 |
| CVE-2026-22242 | CoreShop Vulnerable to SQL Injection via Admin Reports — CoreShop | 4.9 | Medium | 2026-01-08 |
| CVE-2025-8052 | HQL Injection vulnerability has been discovered in Opentext Flipper. — Flipper | 8.1AI | HighAI | 2025-10-20 |
| CVE-2024-48988 | Apache StreamPark: SQL injection vulnerability — Apache StreamPark | 9.8 | - | 2025-08-22 |
| CVE-2025-0959 | Eventer - WordPress Event & Booking Manager Plugin <= 3.9.9.2 - Authenticated (Subscriber+) SQL Injection via reg_id — Eventer - WordPress Event & Booking Manager Plugin | 8.8 | High | 2025-03-07 |
Vulnerabilities classified as CWE-564 (SQL注入:Hibernate) represent 7 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.