CVE-2026-4594

HIGH

erupts erupt EruptJpaUtils.java geneEruptHqlOrderBy sql injection

Title source: cna

Description

A vulnerability has been found in erupts erupt up to 1.13.3. Affected by this issue is the function geneEruptHqlOrderBy of the file erupt-data/erupt-jpa/src/main/java/xyz/erupt/jpa/dao/EruptJpaUtils.java. Such manipulation of the argument sort.field leads to sql injection hibernate. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

References (4)

Core 4

Core References

Vdb Entry, Technical Description vdb-entry technical-description

VDB-352431 | erupts erupt EruptJpaUtils.java geneEruptHqlOrderBy sql injection

https://vuldb.com/?id.352431

Signature, Permissions Required signature permissions-required

VDB-352431 | CTI Indicators (IOB, IOC, IOA)

https://vuldb.com/?ctiid.352431

Third Party Advisory third-party-advisory

Submit #775594 | erupts erupt erupt <= 1.13.3 Improper Input Validation

https://vuldb.com/?submit.775594

Exploit exploit

https://fx4tqqfvdw4.feishu.cn/docx/ETWUdbPk1oCC56xoEWHc3Q28nEc?from=from_copylink

Scores

CVSS v3 7.3

EPSS 0.0025

EPSS Percentile 16.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-564 CWE-89

Status published

Products (4)

erupts/erupt 1.13.0

erupts/erupt 1.13.1

erupts/erupt 1.13.2

erupts/erupt 1.13.3

Published Mar 23, 2026

Tracked Since Mar 23, 2026