Cyber Posture

CVE-2026-27697

Critical

Published: 31 March 2026

Published
31 March 2026
Modified
01 April 2026
KEV Added
Patch
CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0004 11.7th percentile
Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-27697 is a critical-severity SQL Injection (CWE-89) vulnerability in Basercms Basercms. Its CVSS base score is 9.8 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 11.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-10 (Information Input Validation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
prevent

Directly mitigates the SQL injection vulnerability by requiring timely identification, reporting, and patching of the flaw in baserCMS versions prior to 5.2.3.

SI-10 Information Input Validation good match
prevent

Prevents SQL injection exploitation in the blog posts component by enforcing input validation mechanisms to sanitize untrusted data before database queries.

RA-5 Vulnerability Monitoring and Scanning good match
detect

Detects the SQL injection vulnerability through regular vulnerability scanning of the baserCMS application, enabling proactive remediation.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
Why these techniques?

Remote unauthenticated SQL injection in a public-facing web CMS component directly enables T1190 (Exploit Public-Facing Application) for initial access and arbitrary database operations.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has a SQL injection vulnerability in blog posts. This issue has been patched in version 5.2.3.

Deeper analysisAI

CVE-2026-27697 is a SQL injection vulnerability (CWE-89) in baserCMS, a website development framework. The flaw affects the blog posts component in versions prior to 5.2.3. Published on 2026-03-31, it carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), classifying it as critical due to its potential for severe impact.

Remote attackers require no authentication or user interaction to exploit the vulnerability over the network with low attack complexity. Successful exploitation enables high confidentiality, integrity, and availability impacts, such as executing arbitrary SQL queries to extract, modify, or delete database contents.

The issue has been patched in baserCMS version 5.2.3. Mitigation involves upgrading to this version or later. Additional details are provided in advisories at https://basercms.net/security/JVN_20837860, the GitHub release notes at https://github.com/baserproject/basercms/releases/tag/5.2.3, and the GitHub security advisory at https://github.com/baserproject/basercms/security/advisories/GHSA-vh89-rjph-2g7p.

Details

CWE(s)
CWE-89

Affected Products

basercms
basercms
≤ 5.2.3

CVEs Like This One

CVE-2026-30877Same product: Basercms Basercms
CVE-2026-21861Same product: Basercms Basercms
CVE-2026-32734Same product: Basercms Basercms
CVE-2026-30940Same product: Basercms Basercms
CVE-2026-30880Same product: Basercms Basercms
CVE-2025-32957Same product: Basercms Basercms
CVE-2026-3180Shared CWE-89
CVE-2025-1872Shared CWE-89
CVE-2026-32458Shared CWE-89
CVE-2026-24494Shared CWE-89

References