Skip to main content

Anchore Enterprise CVE-2026-25076

HIGH
SQL Injection (CWE-89)
2026-03-13 disclosure@vulncheck.com
8.5
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
8.5 HIGH
CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

3
CVSS changed
Apr 15, 2026 - 15:22 NVD
7.3 (HIGH) 8.5 (HIGH)
Analysis Generated
Mar 13, 2026 - 20:00 vuln.today
CVE Published
Mar 13, 2026 - 19:54 nvd
HIGH 7.3

DescriptionCVE.org

Anchore Enterprise versions before 5.25.1 contain an SQL injection vulnerability in the GraphQL Reports API. An authenticated attacker that is able to access the GraphQL API could execute arbitrary SQL instructions resulting in modifications to the data contained in the Anchore Enterprise database.

AnalysisAI

CVE-2026-25076 is an SQL injection vulnerability in the GraphQL Reports API of Anchore Enterprise versions before 5.25.1, allowing authenticated attackers to execute arbitrary SQL commands and modify database contents. With a CVSS score of 7.3 and low EPSS score (0.02%), this vulnerability requires authentication and adjacent network access, making it a moderate priority for organizations using Anchore Enterprise in their container security infrastructure.

Technical ContextAI

The vulnerability exists in Anchore Enterprise, a container security and compliance platform that provides vulnerability scanning and policy enforcement for containerized applications. The SQL injection flaw (CWE-89) occurs in the GraphQL Reports API endpoint, where user-supplied input is not properly sanitized before being incorporated into SQL queries. GraphQL APIs are particularly susceptible to injection attacks when field resolvers directly construct SQL queries without proper parameterization. While no specific CPE identifiers were provided in the data, the affected product is Anchore Enterprise versions prior to 5.25.1.

Affected ProductsAI

Anchore Enterprise versions before 5.25.1 are affected. The vulnerability specifically impacts the GraphQL Reports API component within these versions. Organizations should inventory all Anchore Enterprise deployments and identify instances running versions earlier than 5.25.1. The vendor's main platform information is available at https://anchore.com/platform/.

RemediationAI

The primary remediation is to upgrade to Anchore Enterprise version 5.25.1 or later, which contains the fix for this SQL injection vulnerability. Full release notes and upgrade instructions are available at https://docs.anchore.com/current/docs/release_notes/enterprise/5251/. As an interim mitigation, organizations should restrict access to the GraphQL API to only trusted users and ensure proper network segmentation to enforce the adjacent network requirement. Monitor GraphQL API access logs for suspicious query patterns that might indicate exploitation attempts.

Share

CVE-2026-25076 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy