CVE-2025-57793 · HIGH 8.6 · EPSS p24.1%

Description

Explorance Blue versions prior to 8.14.9 contain a SQL injection vulnerability caused by insufficient validation of user-supplied input in a web application component. Crafted input can be executed as part of backend database queries. The issue is exploitable without authentication, significantly elevating the risk.

Scoring

CVSS 3.1: 8.6 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
EPSS: 0.33% probability of exploitation · percentile 24.1% · 2026-06-19T12:03:05Z
Published: 2026-01-28
Last modified: 2026-02-05

Underlying weaknesses · 1

CWE-89

References

  1. https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2026/MNDT-2026-0002.md
  2. https://online-help.explorance.com/blue/articles/security-advisories-(january-2026)
  3. https://online-help.explorance.com/blue/articles/security-advisory:-cve-2025-57793
  4. https://www.explorance.com/products/blue

Type | Target | Confidence | Tier
Weakness | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (cwe-89) | 0% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE: CVE-2025-57792
CVE: CVE-2025-57794
CVE: CVE-2025-57795
CVE: CVE-2025-52694
CVE: CVE-2025-40886
CVE: CVE-2025-48743
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.