
BillaBear CVE-2026-31069
EUVD-2026-30946 | HIGH
SQL Injection (CWE-89)
2026-05-19 mitre GHSA-xp6r-8pcc-xv5p
8.8 (CVSS 3.1)

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

Analysis Generated: May 20, 2026 14:22 (vuln.today)
CVSS changed: May 20, 2026 14:22 (NVD), 8.8 (HIGH)
CVE Published: May 19, 2026 00:00 (nvd), UNKNOWN (no severity yet)

Description (NVD)

BillaBear (all versions prior to Jan 2026) contains a SQL Injection vulnerability in the EventRepository. User-controlled input from metric filter names and aggregation properties is directly interpolated into SQL queries using sprintf() without proper sanitization or identifier quoting. Although filter values are parameterized, the filter identifiers (keys) are not. An authenticated attacker with ROLE_ACCOUNT_MANAGER permissions can exploit this to execute arbitrary SQL commands.
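
The shape of the flaw the description reports, beside a hardened version, as an added PHP illustration that is not BillaBear's code: the `events` table, the column allowlist and the function names are assumptions, since the page gives no schema.

```php
<?php
declare(strict_types=1);

// Added example, not BillaBear's code; table and column names are hypothetical.
// Vulnerable shape from the advisory: the filter VALUE is bound, but the filter KEY
// and the aggregation property are identifiers pasted in with sprintf().
function buildMetricQueryVulnerable(array $filters, string $aggregateProperty): array
{
    $where = $params = [];
    foreach ($filters as $key => $value) {
        $where[] = sprintf('%s = :%s', $key, $key);  // identifier unvalidated, unquoted
        $params[$key] = $value;
    }
    $sql = sprintf('SELECT SUM(%s) FROM events WHERE %s',
        $aggregateProperty, implode(' AND ', $where));
    return [$sql, $params];
}

// Hardened: identifiers must match a fixed allowlist, placeholders are generated
// rather than derived from input, and accepted identifiers are quoted.
final class MetricQueryBuilder
{
    private const ALLOWED_COLUMNS = ['event_name', 'customer_id', 'region', 'amount'];

    public static function build(array $filters, string $aggregateProperty): array
    {
        $where = $params = [];
        $i = 0;
        foreach ($filters as $key => $value) {
            $placeholder = ':p' . $i++;
            $where[] = self::identifier((string) $key) . ' = ' . $placeholder;
            $params[$placeholder] = $value;
        }
        $sql = 'SELECT SUM(' . self::identifier($aggregateProperty) . ') FROM events';
        if ($where !== []) {
            $sql .= ' WHERE ' . implode(' AND ', $where);
        }
        return [$sql, $params];
    }

    // Reject anything not on the allowlist, then quote as an ANSI identifier.
    private static function identifier(string $name): string
    {
        if (!in_array($name, self::ALLOWED_COLUMNS, true)) {
            throw new InvalidArgumentException('Unknown column: ' . $name);
        }
        return '"' . $name . '"';
    }
}
```

Binding the value alone does not help when the key chooses the column: the allowlist is what closes the identifier path, and the generated `:pN` placeholders keep user input out of parameter names as well.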

Analysis (AI)

SQL injection in BillaBear (all versions prior to January 2026) allows authenticated users holding the ROLE_ACCOUNT_MANAGER role to execute arbitrary SQL commands via the EventRepository component. The flaw stems from unsanitized filter identifier keys being concatenated into queries through sprintf(). No public exploit had been identified at the time of analysis and the CVE is not listed in KEV, but two gists referenced from the CVE record suggest that detailed technical write-ups are publicly available. …


Remediation (AI)

24 hours: Audit all BillaBear deployments; restrict ROLE_ACCOUNT_MANAGER access to only essential personnel; disable account manager module access if operationally feasible.
7 days: Implement database activity monitoring with anomaly detection; enforce multi-factor authentication for account manager accounts; apply network-level restrictions to database access. …


CVE-2026-31069 vulnerability details – vuln.today
