CWE-89 SQL命令中使用的特殊元素转义处理不恰当(SQL注入) 类弱点 8810 条 CVE 漏洞汇总,含 AI 中文分析。
| CVE ID | 标题 | CVSS | 风险等级 | 发布日期 |
|---|---|---|---|---|
| CVE-2026-6978 | JiZhiCMS addcache.html htmlspecialchars_decode 注入漏洞 — JiZhiCMS | 4.7 | Medium | 2026-04-25 |
| CVE-2026-41478 | Saltcorn 未参数化同步接口SQL注入漏洞 — saltcorn | 10.0 | Critical | 2026-04-24 |
| CVE-2026-33078 | Roxy-WI haproxy_section_save SQL注入漏洞 — roxy-wi | 9.8AI | CriticalAI | 2026-04-24 |
| CVE-2026-31952 | Xibo CMS API 2.3.15 SQL注入漏洞 — xibo-cms | 7.6 | High | 2026-04-24 |
| CVE-2026-41460 | SocialEngine SQL注入漏洞 — SocialEngine | 9.8 | Critical | 2026-04-23 |
| CVE-2026-6887 | BorG SPM SQL注入漏洞 — Borg SPM 2007 | 9.8 | Critical | 2026-04-23 |
| CVE-2026-40529 | KANATA CMS ALAYA SQL注入漏洞 — CMS ALAYA | 6.5AI | MediumAI | 2026-04-23 |
| CVE-2026-41167 | Jellystat SQL注入漏洞 — Jellystat | 9.1 | Critical | 2026-04-22 |
| CVE-2026-6833 | aEnrich a+HRD SQL注入漏洞 — a+HRD | 6.5 | Medium | 2026-04-22 |
| CVE-2026-41457 | OwnTone SQL注入漏洞 — owntone-server | 7.5AI | HighAI | 2026-04-22 |
| CVE-2026-40906 | Electric SQL注入漏洞 — electric | 10.0 | Critical | 2026-04-21 |
| CVE-2026-41320 | Frappe HR SQL注入漏洞 — hrms | 6.5 | Medium | 2026-04-21 |
| CVE-2026-40887 | Vendure SQL注入漏洞 — vendure | 9.1 | Critical | 2026-04-21 |
| CVE-2025-41029 | Zeon Academy Pro SQL注入漏洞 — Zeon Academy Pro | 9.8AI | CriticalAI | 2026-04-21 |
| CVE-2026-6674 | WordPress plugin CMS für Motorrad Werkstätten SQL注入漏洞 — Plugin: CMS für Motorrad Werkstätten | 6.5 | Medium | 2026-04-21 |
| CVE-2026-39946 | OpenBao SQL注入漏洞 — openbao | 8.8 | - | 2026-04-21 |
| CVE-2026-35588 | glances 安全漏洞 — glances | 6.3 | Medium | 2026-04-20 |
| CVE-2025-66335 | Apache Doris MCP Server 安全漏洞 — Apache Doris MCP Server | 9.8AI | CriticalAI | 2026-04-20 |
| CVE-2026-6629 | Metasoft MetaCRM 安全漏洞 — MetaCRM | 7.3 | High | 2026-04-20 |
| CVE-2026-6628 | EcclesiaCRM 安全漏洞 — Ecclesia CRM | 6.3 | Medium | 2026-04-20 |
| CVE-2026-5964 | Digiwin EasyFlow .NET 安全漏洞 — EasyFlow .NET | 9.8 | Critical | 2026-04-20 |
| CVE-2026-5963 | Digiwin EasyFlow .NET 安全漏洞 — EasyFlow .NET | 9.8 | Critical | 2026-04-20 |
| CVE-2026-6595 | School Management System 安全漏洞 — School Management System | 7.3 | High | 2026-04-20 |
| CVE-2026-6562 | MuuCmf 安全漏洞 — muucmf | 7.3 | High | 2026-04-19 |
| CVE-2026-40482 | ChurchCRM 安全漏洞 — CRM | 8.8AI | HighAI | 2026-04-17 |
| CVE-2026-40285 | WeGIA 安全漏洞 — WeGIA | 8.8 | High | 2026-04-17 |
| CVE-2026-6490 | sms 安全漏洞 — sms | 7.3 | High | 2026-04-17 |
| CVE-2026-6488 | sms 安全漏洞 — sms | 6.3 | Medium | 2026-04-17 |
| CVE-2025-15625 | Sparx Systems Sparx Pro Cloud Server 安全漏洞 — Sparx Pro Cloud Server | 9.8AI | CriticalAI | 2026-04-17 |
| CVE-2026-34018 | CubeCart 安全漏洞 — CubeCart | 9.8AI | CriticalAI | 2026-04-17 |
CWE-89(SQL命令中使用的特殊元素转义处理不恰当(SQL注入)) 是常见的弱点类别,本平台收录该类弱点关联的 8810 条 CVE 漏洞。