Critical severity9.8NVD Advisory· Published Apr 20, 2026· Updated May 12, 2026
CVE-2026-5963
CVE-2026-5963
Description
EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7cpe:2.3:a:digiwin:easyflow_.net:*:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:digiwin:easyflow_.net:*:*:*:*:*:*:*:*range: >=6.6.0,<=6.6.17
- cpe:2.3:a:digiwin:easyflow_.net:6.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:digiwin:easyflow_.net:8.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:digiwin:easyflow_.net:8.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:digiwin:easyflow_.net:8.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:digiwin:easyflow_.net:8.1.4:*:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
2- www.twcert.org.tw/en/cp-139-10832-05f3a-2.htmlnvdThird Party Advisory
- www.twcert.org.tw/tw/cp-132-10831-a734d-1.htmlnvdThird Party Advisory
News mentions
0No linked articles in our index yet.