Cyber Resilience

CVE-2025-69768

High · Public PoC

Published: 16 March 2026
Modified: 20 March 2026
KEV Added: not listed
Patch: none referenced
CVSS Score (v3.1): 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
EPSS Score: 0.0006 (17.8th percentile)
Risk Priority: 15 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-69768 is a high-severity SQL Injection (CWE-89) vulnerability in Chyrp (vendor and product are both listed as Chyrp). Its CVSS base score is 7.5 (High).

Operationally, exploitation maps to the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). EPSS ranks the vulnerability at the 17.8th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-69768 is a SQL injection vulnerability (CWE-89) affecting Chyrp versions 2.5.2 and earlier. The flaw resides in the Admin.php component, enabling a remote attacker to execute arbitrary SQL queries. It carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), reflecting high confidentiality impact with network accessibility, low attack complexity, and no requirements for privileges or user interaction.

A remote, unauthenticated attacker can exploit this vulnerability by sending crafted requests to the vulnerable Admin.php endpoint, allowing them to extract sensitive information from the database, such as user credentials or other confidential data stored by the Chyrp application.

References include the official Chyrp GitHub repository at https://github.com/chyrp/chyrp, a specific code location in Admin.php at https://github.com/chyrp/chyrp/blob/768dd2f7/includes/controller/Admin.php#L1482, and a security analysis at https://swetha-subramanian6.github.io/web%20security/cve/chyrp-sqli-cve/. No patches or mitigations are detailed in the provided CVE information.


Vulnerability details

SQL Injection vulnerability in Chyrp v.2.5.2 and before allows a remote attacker to obtain sensitive information via the Admin.php component

CWE(s): CWE-89 (SQL Injection)

Related Threats

MITRE ATT&CK Enterprise Techniques (AI-generated mapping)

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Direct remote unauthenticated exploitation of a public-facing web application component (Admin.php) via SQL injection for data access.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-39334 (shared CWE-89)
CVE-2024-13488 (shared CWE-89)
CVE-2026-20002 (shared CWE-89)
CVE-2025-1446 (shared CWE-89)
CVE-2025-22699 (shared CWE-89)
CVE-2026-36232 (shared CWE-89)
CVE-2026-31871 (shared CWE-89)
CVE-2026-33078 (shared CWE-89)
CVE-2026-46359 (shared CWE-89)
CVE-2025-22691 (shared CWE-89)

Affected Assets

Vendor: chyrp
Product: chyrp
Versions: ≤ 2.5.2

Mitigating Controls

Mitigating Controls (NIST 800-53 r5, AI-generated mapping)

SI-10 Information Input Validation (prevent)

Requires validation and sanitization of all inputs to the Admin.php component, directly preventing SQL injection attacks such as CVE-2025-69768.

SI-2 Flaw Remediation (prevent)

Mandates timely identification, reporting, and remediation of flaws such as the SQL injection vulnerability in Chyrp Admin.php.

Access control (prevent)

Enforces access control policies to restrict unauthenticated remote access to the vulnerable Admin.php endpoint.
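The SI-10 control above and the CWE-89 description in the deeper analysis come down to one coding rule: untrusted request values must never become part of the SQL text. The PHP below is an illustrative example added to this page; it is not Chyrp's Admin.php, is not derived from the referenced proof-of-concept, and the `posts` table, its columns and the function names are assumptions. It uses PDO with an in-memory SQLite database (constructed sample rows) so it runs stand-alone, and shows the string-concatenation pattern beside two hardened forms: a typed, parameterised lookup and an allow-list for a value (a sort column) that cannot be bound as a parameter.

```php
<?php
// Illustrative example added to this page; NOT Chyrp's code. Table, column and
// function names are assumptions chosen to show the CWE-89 pattern and the
// SI-10 (input validation) fix in a PHP admin-style controller.

declare(strict_types=1);

// Hypothetical vulnerable handler: the request value is spliced straight into
// the SQL string, so whoever controls the value controls the SQL grammar
// (CWE-89). Shown for contrast only; the demo below never calls it.
function find_post_vulnerable(PDO $db, array $request): array
{
    $id = $request['id'] ?? '';
    $sql = "SELECT id, title, body FROM posts WHERE id = '" . $id . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened handler: validate the input's type first (SI-10), then keep data and
// SQL separate with a bound parameter so the value cannot alter the statement.
function find_post_safe(PDO $db, array $request): array
{
    $raw = $request['id'] ?? '';
    // Only a string of decimal digits is accepted; anything else never reaches SQL.
    if (!is_string($raw) || !ctype_digit($raw)) {
        throw new InvalidArgumentException('id must be a positive integer');
    }
    $id = (int) $raw;

    $stmt = $db->prepare('SELECT id, title, body FROM posts WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Identifiers (column names in ORDER BY) cannot be bound as parameters, so map
// the requested value through an allow-list instead of interpolating it.
function list_posts_safe(PDO $db, array $request): array
{
    $allowed = ['created_at' => 'created_at', 'title' => 'title'];
    $requested = $request['sort'] ?? 'created_at';
    $sort = (is_string($requested) && isset($allowed[$requested]))
        ? $allowed[$requested]
        : 'created_at';
    // $sort is now one of our own literals, never the raw request value.
    return $db->query("SELECT id, title FROM posts ORDER BY $sort")
              ->fetchAll(PDO::FETCH_ASSOC);
}

// Self-contained demo on an in-memory SQLite database with constructed rows.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE posts (id INTEGER PRIMARY KEY, title TEXT, body TEXT, created_at TEXT)');
$db->exec("INSERT INTO posts VALUES (1, 'Hello', 'first post', '2026-01-01'),
                                    (2, 'Draft', 'not public', '2026-01-02')");

// A well-formed request returns exactly the requested row.
$rows = find_post_safe($db, ['id' => '1']);
echo count($rows) === 1 && $rows[0]['title'] === 'Hello' ? "lookup ok\n" : "lookup failed\n";

// A non-numeric value is refused before any SQL is built.
try {
    find_post_safe($db, ['id' => 'abc']);
    echo "unexpected: malformed id accepted\n";
} catch (InvalidArgumentException $e) {
    echo "rejected: {$e->getMessage()}\n";
}

// An unknown sort column silently falls back to the default instead of being
// interpolated; only allow-listed identifiers ever reach the query.
$listed = list_posts_safe($db, ['sort' => 'something_else']);
echo $listed[0]['id'] === 1 ? "sort fallback ok\n" : "sort fallback failed\n";
```

The hardened lookup rejects input by type before the database is involved, which is what SI-10 asks for, and the bound parameter means a value that passes validation still cannot change the statement's structure. Requires the `pdo_sqlite` extension; with another PDO driver only the connection string changes.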
