Is there a public PoC exploit available for CVE-2026-6562?

Yes, a public proof-of-concept exploit is available for CVE-2026-6562. Prioritise patching immediately. EPSS: 0.0%.

CVE-2026-6562

Q: What is the CVSS score of CVE-2026-6562?

CVE-2026-6562 has a CVSS 4.0 base score of 5.5 (Medium). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

EUVD-2026-23688 MEDIUM

SQL Injection (CWE-89)

2026-04-19 VulDB

GHSA-7786-mqff-chgr

SQLi

5.5

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

CVSS changed

Apr 29, 2026 - 01:12 NVD

6.9 (MEDIUM) 5.5 (MEDIUM)

PoC Detected

Apr 29, 2026 - 01:00 vuln.today

Public exploit code

Severity Changed

Apr 19, 2026 - 09:22 NVD

HIGH MEDIUM

CVSS changed

Apr 19, 2026 - 09:22 NVD

7.3 (HIGH) 6.9 (MEDIUM)

Analysis Generated

Apr 19, 2026 - 08:48 vuln.today

EUVD ID Assigned

Apr 19, 2026 - 08:45 euvd

EUVD-2026-23688

Analysis Generated

Apr 19, 2026 - 08:45 vuln.today

CVE Published

Apr 19, 2026 - 08:15 nvd

MEDIUM 5.5

DescriptionNVD

A flaw has been found in dameng100 muucmf 1.9.5.20260309. Impacted is the function getListByPage of the file /index/Search/index.html. Executing a manipulation of the argument keyword can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

SQL injection in dameng100 muucmf 1.9.5.20260309 allows remote unauthenticated attackers to compromise database confidentiality, integrity, and availability via the 'keyword' parameter in /index/Search/index.html. Public exploit code is available (thinhneee.github.io), increasing immediate exploitation risk. …

RemediationAI

Within 24 hours: Identify all instances of muucmf 1.9.5.20260309 in production and development environments using asset discovery tools; disable or restrict network access to /index/Search/index.html endpoint. Within 7 days: Implement Web Application Firewall (WAF) rules to block SQL injection patterns targeting the 'keyword' parameter; monitor database logs for anomalous queries. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-6562 vulnerability details – vuln.today

Back

CVE-2026-6562

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Analysis

Full analysis requires sign-in

Share

CVE-2026-6562

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code