Vulnerability Details CVE-2026-5964
EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 28.5%
CVSS Severity
CVSS v3 Score 9.8
Products affected by CVE-2026-5964
-
cpe:2.3:a:digiwin:easyflow_.net:6.1.0
-
cpe:2.3:a:digiwin:easyflow_.net:6.6.17
-
cpe:2.3:a:digiwin:easyflow_.net:8.1.1
-
cpe:2.3:a:digiwin:easyflow_.net:8.1.2