CVE-2026-6093 - Vulnerability Details - OpenCVE

Corteza contains a SQL injection vulnerability in its Microsoft SQL Server (MSSQL) backend when filtering Compose records by the meta field.This issue affects corteza: 2024.9.8.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Attack Requirements Present

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cortezaproject	Corteza

No data.

No data.

References

Link	Providers
https://www.spirityenterprise.com/managed-detection-response-microsoft
https://www.spirityenterprise.com/pentest
https://fluidattacks.com/es/advisories/motley
https://github.com/cortezaproject/corteza

History

Mon, 11 May 2026 15:30:00 +0000

Type	Values Removed	Values Added
Description		Corteza contains a SQL injection vulnerability in its Microsoft SQL Server (MSSQL) backend when filtering Compose records by the meta field.This issue affects corteza: 2024.9.8.
Title		Corteza 2024.9.8 - SQL Injection in MSSQL JSON-path meta filter via incorrect T-SQL string escaping
First Time appeared		Cortezaproject Cortezaproject corteza
Weaknesses		CWE-89
CPEs		cpe:2.3:a:cortezaproject:corteza:2024.9.8::linux::::: cpe:2.3:a:cortezaproject:corteza:2024.9.8::macos::::: cpe:2.3:a:cortezaproject:corteza:2024.9.8::windows:::::
Vendors & Products		Cortezaproject Cortezaproject corteza
References		https://fluidattacks.com/es/advisories/motley https://github.com/cortezaproject/corteza
Metrics		cvssV4_0 `{'score': 6, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N'}`

MITRE

Status: PUBLISHED

Assigner: Fluid Attacks

Published: 2026-05-11T14:03:05.663Z

Updated: 2026-05-11T14:03:05.663Z

Reserved: 2026-04-10T16:08:10.755Z

Link: CVE-2026-6093

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-05-11T16:17:36.800

Modified: 2026-05-11T16:17:36.800

Link: CVE-2026-6093

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-6093", "assignerOrgId": "84fe0718-d6bb-4716-a7e8-81a6d1daa869", "state": "PUBLISHED", "assignerShortName": "Fluid Attacks", "dateReserved": "2026-04-10T16:08:10.755Z", "datePublished": "2026-05-11T14:03:05.663Z", "dateUpdated": "2026-05-11T14:03:05.663Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Windows", "MacOS", "Linux"], "product": "corteza", "vendor": "cortezaproject", "versions": [{"status": "affected", "version": "2024.9.8"}]}], "cpeApplicability": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cortezaproject:corteza:2024.9.8:*:windows:*:*:*:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:cortezaproject:corteza:2024.9.8:*:macos:*:*:*:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:cortezaproject:corteza:2024.9.8:*:linux:*:*:*:*:*", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "OR"}], "credits": [{"lang": "en", "type": "finder", "value": "Fluid Attacks' AI SAST Scanner"}, {"lang": "en", "type": "finder", "value": "Oscar Uribe"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Corteza contains a SQL injection vulnerability in its Microsoft SQL Server (MSSQL) backend when filtering Compose records by the </span><code>meta</code><span style=\"background-color: rgb(255, 255, 255);\"> field.</span><p>This issue affects corteza: 2024.9.8.</p>"}], "value": "Corteza contains a SQL injection vulnerability in its Microsoft SQL Server (MSSQL) backend when filtering Compose records by the meta field.This issue affects corteza: 2024.9.8."}], "impacts": [{"capecId": "CAPEC-7", "descriptions": [{"lang": "en", "value": "CAPEC-7 Blind SQL Injection"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "baseScore": 6, "baseSeverity": "MEDIUM", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-89", "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "84fe0718-d6bb-4716-a7e8-81a6d1daa869", "shortName": "Fluid Attacks", "dateUpdated": "2026-05-11T14:03:05.663Z"}, "references": [{"tags": ["third-party-advisory"], "url": "https://fluidattacks.com/es/advisories/motley"}, {"tags": ["product"], "url": "https://github.com/cortezaproject/corteza"}], "source": {"discovery": "UNKNOWN"}, "title": "Corteza 2024.9.8 - SQL Injection in MSSQL JSON-path meta filter via incorrect T-SQL string escaping", "x_generator": {"engine": "Vulnogram 0.2.0"}}}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Corteza contains a SQL injection vulnerability in its Microsoft SQL Server (MSSQL) backend when filtering Compose records by the meta field.This issue affects corteza: 2024.9.8."}], "id": "CVE-2026-6093", "lastModified": "2026-05-11T16:17:36.800", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.0, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "help@fluidattacks.com", "type": "Secondary"}]}, "published": "2026-05-11T16:17:36.800", "references": [{"source": "help@fluidattacks.com", "url": "https://fluidattacks.com/es/advisories/motley"}, {"source": "help@fluidattacks.com", "url": "https://github.com/cortezaproject/corteza"}], "sourceIdentifier": "help@fluidattacks.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "help@fluidattacks.com", "type": "Primary"}]}