CVE-2026-5963

· NIST NVD ↗

EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.

CRITICAL
CVSS severity
9.8
CVSS base score
2026-04-20
Published

CWE codes

CWE-89

Affected products

digiwin:easyflow_.net

Sources