๐Ÿ” CVE Alert

CVE-2026-34018

MEDIUM 6.3
CVSS Score
6.3
EPSS Score
0.0%
EPSS Percentile
0th

An SQL injection vulnerability exists in CubeCart prior to 6.6.0, which may allow an attacker to execute an arbitrary SQL statement on the product.

Vendor cubecart limited
Product cubecart
Published Apr 17, 2026
Stay Ahead of the Next One

Get instant alerts for cubecart limited cubecart

Be the first to know when new medium vulnerabilities affecting cubecart limited cubecart are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Affected Versions

CubeCart Limited / CubeCart
prior to 6.6.0

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
community.cubecart.com: https://community.cubecart.com/t/cubecart-6-6-0-released-the-biggest-update-in-years/62405 jvn.jp: https://jvn.jp/en/jp/JVN78422311/