CVE-2026-44447: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in frappe erpnext
ERPNext versions prior to 16. 9. 0 contain a SQL injection vulnerability that allows attackers to execute specially crafted requests to extract sensitive information. This vulnerability is identified as CVE-2026-44447 and is classified under CWE-89. The issue has been fixed in version 16. 9. 0. The vulnerability has a high severity with a CVSS score of 8. 8, indicating significant impact on confidentiality, integrity, and availability if exploited.
AI Analysis
Technical Summary
CVE-2026-44447 is a SQL injection vulnerability in ERPNext, an open source ERP tool by frappe. Versions before 16.9.0 have endpoints vulnerable to improper neutralization of special elements in SQL commands, allowing attackers with low privileges and no user interaction to execute arbitrary SQL queries. This can lead to unauthorized disclosure of sensitive data and potential full compromise of the system. The vulnerability is fixed in ERPNext version 16.9.0.
Potential Impact
Successful exploitation of this vulnerability can lead to high impact on confidentiality, integrity, and availability of the affected ERPNext system. Attackers can extract sensitive information and potentially manipulate or disrupt database operations. The CVSS score of 8.8 reflects the critical nature of this flaw in affected versions prior to 16.9.0.
Mitigation Recommendations
Upgrade ERPNext to version 16.9.0 or later, where this SQL injection vulnerability has been fixed. Since this is not a cloud service, remediation requires applying the official patch by updating the software. Patch status is not explicitly stated beyond the fix in 16.9.0, so users should verify the upgrade and consult the vendor for any additional guidance.
CVE-2026-44447: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in frappe erpnext
Description
ERPNext versions prior to 16. 9. 0 contain a SQL injection vulnerability that allows attackers to execute specially crafted requests to extract sensitive information. This vulnerability is identified as CVE-2026-44447 and is classified under CWE-89. The issue has been fixed in version 16. 9. 0. The vulnerability has a high severity with a CVSS score of 8. 8, indicating significant impact on confidentiality, integrity, and availability if exploited.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-44447 is a SQL injection vulnerability in ERPNext, an open source ERP tool by frappe. Versions before 16.9.0 have endpoints vulnerable to improper neutralization of special elements in SQL commands, allowing attackers with low privileges and no user interaction to execute arbitrary SQL queries. This can lead to unauthorized disclosure of sensitive data and potential full compromise of the system. The vulnerability is fixed in ERPNext version 16.9.0.
Potential Impact
Successful exploitation of this vulnerability can lead to high impact on confidentiality, integrity, and availability of the affected ERPNext system. Attackers can extract sensitive information and potentially manipulate or disrupt database operations. The CVSS score of 8.8 reflects the critical nature of this flaw in affected versions prior to 16.9.0.
Mitigation Recommendations
Upgrade ERPNext to version 16.9.0 or later, where this SQL injection vulnerability has been fixed. Since this is not a cloud service, remediation requires applying the official patch by updating the software. Patch status is not explicitly stated beyond the fix in 16.9.0, so users should verify the upgrade and consult the vendor for any additional guidance.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-05-06T15:49:25.192Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a04f261cbff5d8610128020
Added to database: 5/13/2026, 9:51:29 PM
Last enriched: 5/13/2026, 10:06:26 PM
Last updated: 5/13/2026, 11:10:09 PM
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.