Frostmourne CVE-2026-5563

EUVD-2026-19073 · LOW · SQL Injection (CWE-89)
2026-04-05 · VulDB · GHSA-r94v-5xq4-h7ph
CVSS 4.0 score: 2.1 · NVD

Severity by source

NVD PRIMARY
2.1 LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: X

Lifecycle Timeline (6 events)

  • Apr 29, 2026 - 01:11 (NVD): Severity changed, MEDIUM to LOW
  • Apr 29, 2026 - 01:11 (NVD): CVSS changed, 5.3 (MEDIUM) to 2.1 (LOW)
  • Apr 07, 2026 - 13:20 (vuln.today): PoC detected, public exploit code
  • Apr 05, 2026 - 11:30 (euvd): EUVD ID assigned, EUVD-2026-19073
  • Apr 05, 2026 - 11:30 (vuln.today): Analysis generated
  • Apr 05, 2026 - 11:15 (nvd): CVE published, MEDIUM 5.3

Description (CVE.org)

A security flaw has been discovered in AutohomeCorp frostmourne up to 1.0. Affected is the function httpTest of the file /api/monitor-api/alarm/previewData of the component Alarm Preview. The manipulation results in sql injection. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks.

Analysis (AI)

SQL injection in AutohomeCorp Frostmourne up to version 1.0 allows authenticated remote attackers to execute arbitrary SQL queries through the /api/monitor-api/alarm/previewData endpoint's httpTest function, potentially leading to unauthorized data access, modification, or system compromise. Publicly available exploit code exists, elevating real-world risk despite the CVSS 6.3 (medium) rating.

Vulnerability Assessment (AI)

Risk Assessment: This vulnerability presents moderate-to-elevated real-world risk despite its CVSS 6.3 (medium) score. …

Exploit Scenario: An authenticated Frostmourne user with access to the Alarm Preview functionality could craft a malicious HTTP request to the /api/monitor-api/alarm/previewData endpoint, injecting SQL code into the httpTest parameter. For example, an attacker might append OR '1'='1 or UNION-based payloads to extract sensitive data from the underlying database, such as user credentials, monitoring configurations, or alarm history. …

Remediation: Upgrade AutohomeCorp Frostmourne to a patched version beyond 1.0 as soon as the vendor publishes a fixed release. …
