CVE-2026-27697

Severity: Medium
Published: 31 March 2026
Modified: 01 April 2026
KEV Added: not listed
Patch: available (baserCMS 5.2.3)
CVSS Score (v4): 6.9, vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score: 0.0041 (32.9th percentile)
Risk Priority: 35 (floored blend · peak EPSS)

Summary

CVE-2026-27697 is a medium-severity SQL Injection (CWE-89) vulnerability in baserCMS (vendor/product listed as Basercms Basercms). Its CVSS v4 base score is 6.9 (Medium).

Operationally, exploitation maps to the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). Its EPSS ranks at the 32.9th percentile by exploit likelihood (below the median), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2026-27697 is a SQL injection vulnerability (CWE-89) in baserCMS, a website development framework. The flaw affects the blog posts component in versions prior to 5.2.3. Published on 2026-03-31, it carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), classifying it as critical due to its potential for severe impact.

Remote attackers require no authentication or user interaction to exploit the vulnerability over the network with low attack complexity. Successful exploitation enables high confidentiality, integrity, and availability impacts, such as executing arbitrary SQL queries to extract, modify, or delete database contents.

The issue has been patched in baserCMS version 5.2.3. Mitigation involves upgrading to this version or later. Additional details are provided in advisories at https://basercms.net/security/JVN_20837860, the GitHub release notes at https://github.com/baserproject/basercms/releases/tag/5.2.3, and the GitHub security advisory at https://github.com/baserproject/basercms/security/advisories/GHSA-vh89-rjph-2g7p.

Vulnerability details

baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has a SQL injection vulnerability in blog posts. This issue has been patched in version 5.2.3.

CWE(s)

CWE-89 (SQL Injection)

Related Threats

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Remote unauthenticated SQL injection in a public-facing web CMS component directly enables T1190 (Exploit Public-Facing Application) for initial access and arbitrary database operations.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-30877 (same product: Basercms Basercms)
CVE-2025-32957 (same product: Basercms Basercms)
CVE-2026-21861 (same product: Basercms Basercms)
CVE-2026-30940 (same product: Basercms Basercms)
CVE-2026-32734 (same product: Basercms Basercms)
CVE-2026-30880 (same product: Basercms Basercms)
CVE-2026-24956 (shared CWE-89)
CVE-2026-33615 (shared CWE-89)
CVE-2025-28939 (shared CWE-89)
CVE-2021-47872 (shared CWE-89)

Affected Assets

basercms / basercms: ≤ 5.2.3

Mitigating Controls (NIST 800-53 r5)

Prevent: Directly mitigates the SQL injection vulnerability by requiring timely identification, reporting, and patching of the flaw in baserCMS versions prior to 5.2.3.

Prevent (SI-10, Information Input Validation): Prevents SQL injection exploitation in the blog posts component by enforcing input validation mechanisms that sanitize untrusted data before it reaches database queries.

Detect (RA-5, Vulnerability Monitoring and Scanning): Detects the SQL injection vulnerability through regular vulnerability scanning of the baserCMS application, enabling proactive remediation.
