Corteza EUVD-2026-29079

Q: What is the CVSS score of EUVD-2026-29079?

EUVD-2026-29079 has a CVSS 4.0 base score of 6.0 (Medium). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.0%.

| CVE-2026-6093 MEDIUM

SQL Injection (CWE-89)

2026-05-11 Fluid Attacks

GHSA-fcwm-j73v-xh2m

SQLi Microsoft

6.0

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Lifecycle Timeline

Analysis Generated

May 11, 2026 - 18:00 vuln.today

CVSS changed

May 11, 2026 - 16:22 NVD

6.0 (MEDIUM)

CVE Published

May 11, 2026 - 14:03 nvd

MEDIUM 6.0

CVE Published

May 11, 2026 - 14:03 nvd

UNKNOWN (no severity yet)

DescriptionNVD

Corteza contains a SQL injection vulnerability in its Microsoft SQL Server (MSSQL) backend when filtering Compose records by the meta field.This issue affects corteza: 2024.9.8.

AnalysisAI

SQL injection in Corteza 2024.9.8 allows authenticated remote attackers to execute arbitrary SQL queries against the Microsoft SQL Server backend when filtering Compose records by the meta field, potentially leading to unauthorized data access or manipulation. Exploitation requires valid user credentials and attacker control over filter parameters.

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory