SQL Injection Vulnerability in Database Management Systems by WordPress
CVE-2026-6888

7.2HIGH

Key Information:

Vendor: Advantech
Status: Saas Composer; Iotsuite Growth Linux Docker; Iotsuite Starter Linux Docker; Iot Edge Linux Docker
Vendor: CVE Published:; 13 May 2026

What is CVE-2026-6888?

This vulnerability allows remote authenticated attackers to exploit SQL injection flaws through a specific interface, potentially gaining unauthorized access to sensitive information within the database. Successful exploitation may enable attackers to execute arbitrary commands, leading to data modification or deletion, and ultimately putting the integrity of the database at risk.

Affected Version(s)

ECOWatch SaaS-Composer prior to version 3.4.17

IoT Edge Linux docker prior to version 2.2.0

IoT Edge Windows prior to version 2.2.0

References

https://www.csa.gov.sg/alerts-and-advisories/alerts/al-20...

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 13, 2026
Vulnerability Reserved
Apr 23, 2026

Credit

Hoa Ly Van Huu

CVE-2026-6888 Data

JSON

Advantech

What is CVE-2026-6888?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit