{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-25076", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-01-28T21:47:35.121Z", "datePublished": "2026-03-12T21:07:46.502Z", "dateUpdated": "2026-03-13T13:08:47.633Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-03-12T21:07:46.502Z"}, "title": "Anchore Enterprise GraphQL Reports API SQL injection", "descriptions": [{"lang": "en", "value": "Anchore Enterprise versions before 5.25.1 contain an SQL injection vulnerability in the GraphQL Reports API. An authenticated attacker that is able to access the GraphQL API could execute arbitrary SQL instructions resulting in modifications to the data contained in the Anchore Enterprise database."}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-89", "description": "SQL Injection", "type": "CWE"}]}], "affected": [{"defaultStatus": "unaffected", "product": "Anchore Enterprise", "vendor": "Anchore", "versions": [{"lessThan": "5.25.1", "status": "affected", "version": "0", "versionType": "semver"}]}], "cpeApplicability": [{"operator": "OR", "nodes": [{"operator": "OR", "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:anchore:anchore:*:*:*:*:enterprise:*:*:*", "versionEndExcluding": "5.25.1"}]}]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "ADJACENT", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "HIGH", "baseScore": 8.5, "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"}}, {"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "version": "3.1", "baseSeverity": "HIGH", "baseScore": 7.3, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}}], "references": [{"tags": ["release-notes", "patch"], "url": "https://docs.anchore.com/current/docs/release_notes/enterprise/5251/", "name": "Anchore Enterprise Release Notes - Version 5.25.1"}, {"tags": ["product"], "url": "https://anchore.com/platform/"}, {"name": "VulnCheck Advisory: Anchore Enterprise GraphQL Reports API SQL injection", "tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/anchore-enterprise-graphql-reports-api-sql-injection"}], "credits": [{"lang": "en", "type": "finder", "value": "Andrew Van Fleteren"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "vulncheck"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-13T13:07:51.786066Z", "id": "CVE-2026-25076", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-13T13:08:47.633Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"title": "Anchore Enterprise GraphQL Reports API SQL injection", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Andrew Van Fleteren"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.5, "Automatable": "NOT_DEFINED", "attackVector": "ADJACENT", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Anchore", "product": "Anchore Enterprise", "versions": [{"status": "affected", "version": "0", "lessThan": "5.25.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://docs.anchore.com/current/docs/release_notes/enterprise/5251/", "name": "Anchore Enterprise Release Notes - Version 5.25.1", "tags": ["release-notes", "patch"]}, {"url": "https://anchore.com/platform/", "tags": ["product"]}, {"url": "https://www.vulncheck.com/advisories/anchore-enterprise-graphql-reports-api-sql-injection", "name": "VulnCheck Advisory: Anchore Enterprise GraphQL Reports API SQL injection", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "vulncheck"}, "descriptions": [{"lang": "en", "value": "Anchore Enterprise versions before 5.25.1 contain an SQL injection vulnerability in the GraphQL Reports API. An authenticated attacker that is able to access the GraphQL API could execute arbitrary SQL instructions resulting in modifications to the data contained in the Anchore Enterprise database."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "SQL Injection"}]}], "cpeApplicability": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:anchore:anchore:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "versionEndExcluding": "5.25.1"}], "operator": "OR"}], "operator": "OR"}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-03-12T21:07:46.502Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-25076", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-13T13:07:51.786066Z"}}}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2026-03-13T13:08:41.365Z"}}]}, "cveMetadata": {"cveId": "CVE-2026-25076", "state": "PUBLISHED", "dateUpdated": "2026-03-12T21:07:46.502Z", "dateReserved": "2026-01-28T21:47:35.121Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-03-12T21:07:46.502Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Anchore Enterprise versions before 5.25.1 contain an SQL injection vulnerability in the GraphQL Reports API. An authenticated attacker that is able to access the GraphQL API could execute arbitrary SQL instructions resulting in modifications to the data contained in the Anchore Enterprise database."}, {"lang": "es", "value": "Las versiones de Anchore Enterprise anteriores a la 5.25.1 contienen una vulnerabilidad de inyecci\u00f3n SQL en la API de informes GraphQL. Un atacante autenticado que pueda acceder a la API de GraphQL podr\u00eda ejecutar instrucciones SQL arbitrarias, lo que resultar\u00eda en modificaciones a los datos contenidos en la base de datos de Anchore Enterprise."}], "id": "CVE-2026-25076", "lastModified": "2026-04-15T14:56:45.970", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 5.2, "source": "disclosure@vulncheck.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-03-13T19:54:18.827", "references": [{"source": "disclosure@vulncheck.com", "url": "https://anchore.com/platform/"}, {"source": "disclosure@vulncheck.com", "url": "https://docs.anchore.com/current/docs/release_notes/enterprise/5251/"}, {"source": "disclosure@vulncheck.com", "url": "https://www.vulncheck.com/advisories/anchore-enterprise-graphql-reports-api-sql-injection"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,5.25.1)"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Anchore Enterprise", "source": "cna", "vendor": "Anchore"}, "product": "anchore", "vendor": "anchore"}], "analysis": {"en": {"generated_at": "2026-03-18T15:08:41.815015+00:00", "value": {"mitigation_remediation": ["Apply the Anchore Enterprise patch released in version 5.25.1 or later."], "summary": {"action": "Apply Patch", "impact": "SQL injection leading to unauthorized database modifications"}, "threat_synthesis": {"affected_systems": "The vulnerability applies to Anchore Enterprise deployments using any version earlier than 5.25.1. The affected component is the GraphQL Reports API service that processes authenticated user requests.", "description_and_impact": "Anchore Enterprise versions prior to 5.25.1 contain a flaw in the GraphQL Reports API that allows an attacker with valid authentication to inject and execute arbitrary SQL statements against the system database. This injection can modify, delete, or exfiltrate data stored within Anchore, thereby compromising data integrity and confidentiality.", "risk_and_exploitability": "The flaw has a CVSS score of 8.5, indicating high impact, while the EPSS score is less than 1%, suggesting a low probability of current exploitation. It is not listed in the CISA KEV catalog. Exploitation requires authenticated access to the GraphQL API, making it a threat primarily to privileged users or compromised accounts within the network."}}}}, "created": "2026-03-13T09:49:46.072069+00:00", "updated": "2026-03-23T10:00:23.171695+00:00", "vendors": ["anchore", "anchore$PRODUCT$anchore"]}