cbcvebase.
CVE-2026-8025
published 2026-06-09

CVE-2026-8025: Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in MOSK Information Technologies Ltd. CBS Platform allows…

PriorityP262critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.27%
19.2th percentile
Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in MOSK Information Technologies Ltd. CBS Platform allows SQL Injection. This issue affects CBS Platform: through 09062026. NOTE: The vendor was contacted and it was learned that the product is not supported.

Affected

4 ranges
VendorProductVersion rangeFixed in
github.comaxllent_mailpit>= 0 < 1.28.11.28.1
github.comaxllent_mailpit>= 0 < 0.0.0-202601100316140.0.0-20260110031614
github.comaxllent_mailpit>= 1.2.6 < 1.28.21.28.2
mosk_information_technologies_ltdcbs_platform<= 09062026
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.