CVE-2026-0603

HIGH

Red Hat AMQ Broker 7 - SQL Injection via InlineIdsOrClauseBuilder ID Column


Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-0603. PoCs published by EQSTLab.

AI-analyzed exploit summary: This repository contains a functional exploit PoC for CVE-2026-0603, demonstrating a vulnerability in a Spring Boot application with JPA/Hibernate. The exploit leverages improper handling of bulk operations in a multi-table inheritance scenario, allowing unauthorized data manipulation.

Description

A flaw was found in Hibernate. A remote attacker with low privileges could exploit a second-order SQL injection vulnerability by providing specially crafted, unsanitized non-alphanumeric characters in the ID column when the InlineIdsOrClauseBuilder is used. This could lead to sensitive information disclosure, such as reading system files, and allow for data manipulation or deletion within the application's database, resulting in an application-level denial of service.

Exploits (1)

nomisec: WORKING POC
by EQSTLab · poc
https://github.com/EQSTLab/CVE-2026-0603


Classification: Working PoC (95%)
Attack Type: SQLi
Complexity: Moderate
Reliability: Reliable
Target: Spring Boot with JPA/Hibernate (specific version not specified)
Authentication: No auth needed
Prerequisites: Access to the vulnerable endpoint · Knowledge of target usernames
Analyzed by devstral-2 on Apr 23, 2026

References (8)

Core References

Vendor Advisory (vendor-advisory, x_refsource_redhat): RHSA-2026:6012
https://access.redhat.com/errata/RHSA-2026:6012

Vendor Advisory (vdb-entry, x_refsource_redhat): CVE-2026-0603
https://access.redhat.com/security/cve/CVE-2026-0603

Issue Tracking (issue-tracking, x_refsource_redhat): Bug 2427147
https://bugzilla.redhat.com/show_bug.cgi?id=2427147

Vendor Advisory (vendor-advisory, x_refsource_redhat): RHSA-2026:4915
https://access.redhat.com/errata/RHSA-2026:4915

Vendor Advisory (vendor-advisory, x_refsource_redhat): RHSA-2026:4916
https://access.redhat.com/errata/RHSA-2026:4916

Vendor Advisory (vendor-advisory, x_refsource_redhat): RHSA-2026:4917
https://access.redhat.com/errata/RHSA-2026:4917

Vendor Advisory (vendor-advisory, x_refsource_redhat): RHSA-2026:4924
https://access.redhat.com/errata/RHSA-2026:4924

Vendor Advisory (vendor-advisory, x_refsource_redhat): RHSA-2026:6011
https://access.redhat.com/errata/RHSA-2026:6011

Scores

CVSS v3: 8.3
EPSS: 0.0007
EPSS Percentile: 22.7%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

CISA SSVC

Vulnrichment
Exploitation: none
Automatable: no
Technical Impact: total

Details

CWE: CWE-89
Status: published
Products (25)
org.hibernate/hibernate-core 5.2.8 (Maven)
Red Hat/Red Hat AMQ Broker 7
Red Hat/Red Hat build of OptaPlanner 8
Red Hat/Red Hat Data Grid 8
Red Hat/Red Hat Fuse 7
Red Hat/Red Hat JBoss Enterprise Application Platform 5.3.38.Final-redhat-00001
Red Hat/Red Hat JBoss Enterprise Application Platform 7
Red Hat/Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 0:5.1.17-4.Final_redhat_00005.1.ep7.el7
Red Hat/Red Hat JBoss Enterprise Application Platform 7.1 EUS for RHEL 7 0:7.1.14-4.GA_redhat_00003.1.ep7.el7
Red Hat/Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 0:5.3.38-1.Final_redhat_00001.1.el7eap
... and 15 more
Published: Jan 23, 2026
Tracked Since: Feb 18, 2026