What is the CVSS score of CVE-2026-42475?

CVE-2026-42475 has a CVSS 3.1 base score of 6.5 (Medium). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N. EPSS exploitation probability: 0.0%.

MixPHP Framework CVE-2026-42475

EUVD-2026-26676 MEDIUM

SQL Injection (CWE-89)

2026-05-01 mitre

PHP SQLi

6.5

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

None

Lifecycle Timeline

Analysis Generated

May 01, 2026 - 19:23 vuln.today

CVSS changed

May 01, 2026 - 19:22 NVD

6.5 (None) 6.5 (MEDIUM)

EUVD ID Assigned

May 01, 2026 - 16:00 euvd

EUVD-2026-26676

Analysis Generated

May 01, 2026 - 16:00 vuln.today

CVE Published

May 01, 2026 - 00:00 nvd

MEDIUM 6.5

DescriptionNVD

SQL injection vulnerability in MixPHP Framework 2.x thru 2.2.17 via crafted on array to the joinOn function in BuildHelper.php.

AnalysisAI

SQL injection in MixPHP Framework versions 2.0 through 2.2.17 allows unauthenticated remote attackers to execute arbitrary SQL queries by supplying crafted array parameters to the joinOn function in BuildHelper.php. The vulnerability has a CVSS score of 6.5 with network-accessible exploitation requiring no authentication or user interaction. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-42475 vulnerability details – vuln.today

Back

MixPHP Framework CVE-2026-42475

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Full analysis requires sign-in

Share

External POC / Exploit Code