CVE-2026-58376

HIGH 7.6

Dolibarr - SQL Injection via sqlfilters Parameter in Multiple REST API List Endpoints

CVSS Score

7.6

EPSS Score

0.0%

EPSS Percentile

0th

Dolibarr through 23.0.3, fixed in commit 14db36e, contains a sql injection vulnerability that allows authenticated API users to exfiltrate arbitrary database contents by supplying malicious values to the sqlfilters query parameter in the setup dictionary and multicurrencies REST API endpoints. The affected endpoints in api_setup.class.php and api_multicurrencies.class.php validate sqlfilters only for balanced parentheses and rewrite matched triplets, allowing text placed outside the expected shape such as an appended UNION SELECT to be concatenated into the SQL WHERE clause unmodified, enabling retrieval of sensitive data including password hashes and API keys.

CWE	CWE-89
Vendor	dolibarr
Product	dolibarr
Published	Jun 30, 2026

Stay Ahead of the Next One

Get instant alerts for dolibarr dolibarr

Be the first to know when new high vulnerabilities affecting dolibarr dolibarr are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

Low

Availability

Low

Affected Versions

Dolibarr / dolibarr

0 ≤ 23.0.3

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/Dolibarr/dolibarr/issues/38768 github.com: https://github.com/Dolibarr/dolibarr/pull/38794 github.com: https://github.com/Dolibarr/dolibarr/commit/14db36e8486ef725b0d493d97abb2950a54358d3 vulncheck.com: https://www.vulncheck.com/advisories/dolibarr-sql-injection-via-sqlfilters-parameter-in-multiple-rest-api-list-endpoints

Credits

George Chen