{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T07:22:50.759","vulnerabilities":[{"cve":{"id":"CVE-2026-22243","sourceIdentifier":"security-advisories@github.com","published":"2026-01-28T17:16:15.663","lastModified":"2026-02-19T21:21:44.660","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"EGroupware is a Web based groupware server written in PHP. A SQL Injection vulnerability exists in the core components of EGroupware prior to versions 23.1.20260113 and 26.0.20260113, specifically in the `Nextmatch` filter processing. The flaw allows authenticated attackers to inject arbitrary SQL commands into the `WHERE` clause of database queries. This is achieved by exploiting a PHP type juggling issue where JSON decoding converts numeric strings into integers, bypassing the `is_int()` security check used by the application. Versions 23.1.20260113 and 26.0.20260113 patch the vulnerability."},{"lang":"es","value":"EGroupware es un servidor de groupware basado en web escrito en PHP. Existe una vulnerabilidad de inyección SQL en los componentes centrales de EGroupware anteriores a las versiones 23.1.20260113 y 26.0.20260113, específicamente en el procesamiento del filtro 'Nextmatch'. La falla permite a atacantes autenticados inyectar comandos SQL arbitrarios en la cláusula 'WHERE' de las consultas de la base de datos. Esto se logra explotando un problema de manipulación de tipos (type juggling) de PHP donde la decodificación JSON convierte cadenas numéricas en enteros, eludiendo la verificación de seguridad 'is_int()' utilizada por la aplicación. Las versiones 23.1.20260113 y 26.0.20260113 parchean la vulnerabilidad."}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:egroupware:egroupware:*:*:*:*:community:*:*:*","versionEndExcluding":"23.1.20260113","matchCriteriaId":"9F79AA23-D51B-4881-92E1-7AD58066F134"},{"vulnerable":true,"criteria":"cpe:2.3:a:egroupware:egroupware:*:*:*:*:community:*:*:*","versionStartIncluding":"26.0.20251208","versionEndExcluding":"26.0.20260113","matchCriteriaId":"B539FA17-54C7-40C4-A4B2-AF8CF7BE9705"}]}]}],"references":[{"url":"https://github.com/EGroupware/egroupware/releases/tag/23.1.20260113","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/EGroupware/egroupware/releases/tag/26.0.20260113","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/EGroupware/egroupware/security/advisories/GHSA-rvxj-7f72-mhrx","source":"security-advisories@github.com","tags":["Exploit","Mitigation","Vendor Advisory"]}]}}]}