CVE-2026-33643 | SchemaHero 0.23.0 Parameter column.go mysqlColumnAsInsert column sql injection

Inserito da Angelo Barbosa | Mar 30, 2026 | CVE

A vulnerability described as critical has been identified in SchemaHero 0.23.0. This issue affects the function mysqlColumnAsInsert in the library plugins/mysql/lib/column.go of the component Parameter Handler. Executing a manipulation of the argument column can lead to sql injection.

This vulnerability is handled as CVE-2026-33643. The attack can be executed remotely. There is not any exploit available.

CVE-2026-33643 | SchemaHero 0.23.0 Parameter column.go mysqlColumnAsInsert column sql injection

Post correlati

CVE-2024-55968 | DTEX DEC-M 6.1.1 com.DTEXsystems.helper Service submitQuery improper authorization

CVE-2025-45847 | ALFA AIP-W512 3.2.2.2.3 formWsc targetAPMac stack-based overflow

CVE-2023-48424 | Google Android U-Boot Shell Privilege Escalation

CVE-2024-23473 | SolarWinds Access Rights Manager up to 2023.2.3 RabbitMQ Management Console hard-coded credentials