CVE-2026-8054— Unauthenticated SQL Injection in dotCMS Publish Audit API
Possible ATT&CK Techniques 3AI
T1059 · Command and Scripting Interpreter T1005 · Data from Local System T1190 · Exploit Public-Facing ApplicationAffected Version Matrix 2
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| dotCMS | dotCMS Core | 25.11.04-1≤ 26.04.28-02 | affected |
26.04.28-03 | unaffected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-8054
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Unauthenticated SQL Injection in dotCMS Publish Audit API
Source: NVD (National Vulnerability Database)
Vulnerability Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in the Publish Audit API endpoints (/api/auditPublishing/get and /api/auditPublishing/getAll) in dotCMS Core 25.11.04-1 through 26.04.28-02 allows remote unauthenticated attackers to read, modify, or destroy arbitrary database content. The endpoints did not enforce authentication and accepted unsanitized input used in dynamically constructed SQL. The fix in dotCMS Core 26.04.28-03 requires an authenticated backend user with the publishing-queue portlet permission. LTS releases are not affected as the vulnerable code path was never backported.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Source: NVD (National Vulnerability Database)
Vulnerability Title
DotCMS 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
DotCMS是DotCMS公司的一个用 Java 编写的开源内容管理系统。用于管理内容和内容驱动的站点和应用程序。 DotCMS Core 25.11.04-1版本至26.04.28-02版本存在安全漏洞,该漏洞源于Publish Audit API端点未实施身份验证且接受未清理输入,可能导致远程未经身份验证的攻击者读取、修改或销毁任意数据库内容。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| dotCMS | dotCMS Core | 25.11.04-1 ~ 26.04.28-02 | - |
II. Public POCs for CVE-2026-8054
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-8054
请登录查看更多情报信息。
Patches & Fixes for CVE-2026-8054 (1)
Vendor Advisories for CVE-2026-8054 (1)
IV. Related Vulnerabilities
Same weakness: CWE-89
- CVE-2026-10620
code-projects Student Admission System index.php sql injecti - CVE-2026-5073
ARMember Premium <= 7.3.1 - Unauthenticated SQL Injection vi - CVE-2026-5074
ARMember Premium <= 7.3.1 - Authenticated (Subscriber+) SQL - CVE-2026-10608
DedeCMS carbuyaction.php RemoveXSS sql injection - CVE-2026-10607
DedeCMS flink.php dede_htmlspecialchars sql injection
V. Comments for CVE-2026-8054
No comments yet