cvedb.io
CVE-2026-25076
HIGH · CVSS 7.3
EPSS exploitation probability: 0%
Published 2026-03-13T19:54:18.827 · Last modified 2026-06-17T10:24:05.217

Summary

Anchore Enterprise versions before 5.25.1 contain an SQL injection vulnerability in the GraphQL Reports API. An authenticated attacker that is able to access the GraphQL API could execute arbitrary SQL instructions resulting in modifications to the data contained in the Anchore Enterprise database.

Does this affect you?

Add your gear to cvedb and we'll alert you only when a vendor you run ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.