CVE-2026-27697: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in baserproject basercms
CVE-2026-27697 is a medium-severity SQL injection vulnerability affecting baserCMS versions prior to 5.2.3. The flaw exists in the blog post functionality, where improper neutralization of special elements in SQL commands allows unauthenticated remote attackers to execute arbitrary SQL queries. This vulnerability does not require user interaction or privileges and can lead to partial compromise of confidentiality, integrity, and availability of the affected system. The issue has been patched in baserCMS version 5.2.3. No known exploits are currently reported in the wild. Organizations using vulnerable baserCMS versions should upgrade promptly to mitigate risk.
AI Analysis (machine-generated threat intelligence)
Technical Summary
CVE-2026-27697 is a SQL injection vulnerability classified under CWE-89, found in baserCMS, an open-source website development framework. The vulnerability affects versions prior to 5.2.3 and is specifically located in the blog post component of the CMS. It arises due to improper neutralization of special elements in SQL commands, allowing an attacker to inject malicious SQL code. This injection flaw can be exploited remotely over the network without requiring authentication or user interaction, making it relatively easy to exploit. The impact includes unauthorized data access, modification, or deletion, potentially compromising the confidentiality, integrity, and availability of the backend database. The vulnerability has been assigned a CVSS 4.0 base score of 6.9, reflecting medium severity with network attack vector, low complexity, and no privileges or user interaction required. The vulnerability was publicly disclosed on March 31, 2026, and patched in baserCMS version 5.2.3. No active exploits have been reported so far, but the risk remains significant for unpatched systems. The flaw highlights the importance of proper input validation and parameterized queries in CMS development to prevent injection attacks.
Potential Impact
The SQL injection vulnerability can allow attackers to execute arbitrary SQL commands on the affected baserCMS database, leading to unauthorized data disclosure, data manipulation, or deletion. This can result in leakage of sensitive information such as user credentials, personal data, or business-critical content. Attackers could also corrupt or erase data, causing service disruption and loss of data integrity. Since the vulnerability requires no authentication and can be exploited remotely, it poses a significant risk to any publicly accessible baserCMS-based website. Organizations relying on baserCMS for their web presence may face reputational damage, regulatory compliance issues, and operational downtime if exploited. Although no known exploits are currently reported, the availability of a public patch means attackers could develop exploits targeting unpatched systems, increasing the threat over time.
Mitigation Recommendations
Organizations should immediately upgrade baserCMS installations to version 5.2.3 or later, where the vulnerability is patched. In addition to patching, administrators should audit their web applications for any custom plugins or extensions that interact with blog posts or database queries to ensure they use parameterized queries or prepared statements. Employing a web application firewall (WAF) with SQL injection detection rules can provide an additional layer of defense against exploitation attempts. Regularly monitoring logs for unusual database query patterns or repeated failed requests targeting blog post endpoints can help detect potential exploitation attempts early. It is also recommended to enforce the principle of least privilege on database accounts used by baserCMS, limiting their permissions strictly to what is necessary. Finally, organizations should maintain an up-to-date inventory of baserCMS versions deployed across their infrastructure to ensure timely patch management.
Affected Countries
Japan, United States, Germany, France, United Kingdom, Australia, South Korea, Canada, Netherlands, Taiwan
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-02-23T17:56:51.202Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 69cb1e82e6bfc5ba1d9722ad
Added to database: 3/31/2026, 1:08:18 AM
Last enriched: 3/31/2026, 1:25:58 AM
Last updated: 3/31/2026, 2:55:19 AM