CVE Catalog

CVE-2026-54185

HighCVSS 8.5
Published: Updated: Translated: NVD NIST

Summary

Subscriber SQL Injection vulnerability in Cornerstone versions below 7.8.8 allows attackers to execute malicious SQL queries.

Risk Assessment

Exploitation of this vulnerability could lead to unauthorized access to database information, posing a serious security threat to the organization.

Recommendation

It is recommended to upgrade to Cornerstone version 7.8.8 or later to mitigate this vulnerability.

Original NVD description (English source)

Subscriber SQL Injection in Cornerstone < 7.8.8 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS