-
-
Notifications
You must be signed in to change notification settings - Fork 236
Expand file tree
/
Copy pathCVE-2026-42087.yml
More file actions
41 lines (35 loc) · 1.47 KB
/
Copy pathCVE-2026-42087.yml
File metadata and controls
41 lines (35 loc) · 1.47 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
---
gem: openc3
cve: 2026-42087
ghsa: v529-vhwc-wfc5
url: https://github.com/OpenC3/cosmos/security/advisories/GHSA-v529-vhwc-wfc5
title: OpenC3 COSMOS has SQL Injection in QuestDB Time-Series Database
date: 2026-04-23
description: |
Vulnerability Type: CWE-89: Improper Neutralization of Special Elements
used in an SQL Command ('SQL Injection')
Attack type: Authenticated remote
Impact: Telemetry data disclosure and deletion
Affected components: openc3-tsdb (QuestDB)
A SQL injection vulnerability exists in the Time-Series Database (TSDB)
component of COSMOS. The `tsdb_lookup` function in the `cvt_model.rb`
file directly places user-supplied input into a SQL query without
sanitizing the input. As a result, a user can break out of the initial
SQL statement and execute arbitrary SQL commands, including deleting data.
## Recommendations
* Sanitize all user-supplied input before executing it.
* Use prepared statements with parameterized queries when
executing SQL statements.
cvss_v3: 9.6
unaffected_versions:
- "< 6.7.0"
patched_versions:
- ">= 7.0.0"
related:
url:
- https://nvd.nist.gov/vuln/detail/CVE-2026-42087
- https://rubygems.org/gems/openc3/versions/7.0.0
- https://github.com/OpenC3/cosmos/releases/tag/v7.0.0
- https://github.com/OpenC3/cosmos/security/advisories/GHSA-v529-vhwc-wfc5
- https://github.com/OpenC3/cosmos/commit/9ba60c09c8836a37a2e4ea67ab35fe403e041415
- https://github.com/advisories/GHSA-v529-vhwc-wfc5