Home / Vulnerability Intelligence / CVE-2026-6887

CVE-2026-6887 - Vulnerability Analysis

CriticalCVSS: 9.8

Last Updated: April 23, 2026

BorG Technology Corporation Borg SPM - SQL Injection

Published: April 23, 2026Updated: April 23, 2026Remote Exploitable

Overview

BorG Technology Corporation Borg SPM 2007 contains a sql injection caused by unsanitized input, letting unauthenticated remote attackers read, modify, and delete database contents.

Severity & Score

Severity: Critical

CVSS Score: 9.8

Impact

Unauthenticated remote attackers can read, modify, and delete database contents, potentially compromising the entire database.

Mitigation

Update to the latest available version or apply vendor patches if available.

References

https://www.twcert.org.tw/en/cp-139-10863-2f48e-2.html
https://www.twcert.org.tw/tw/cp-132-10861-b8709-1.html

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-6887
Severity: Critical
CVSS Score: 9.8
Type: sql_injection
Status: new

CWE

CWE-89

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H