CVE Catalog
CVE-2026-5963
CriticalSummary
EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.
Risk Assessment
This vulnerability poses a serious risk to organizations by allowing attackers to access sensitive data and modify or delete it.
Recommendation
It is recommended to update EasyFlow .NET to the latest version and implement appropriate security measures to mitigate the risk of SQL injection.
Original NVD description (English source)
EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.

