CVE-2026-22206

EUVD-2026-8884
SPIP versions prior to 4.4.10 contain a SQL injection vulnerability that allows authenticated low-privilege users to execute arbitrary SQL queries by manipulating union-based injection techniques. Attackers can exploit this SQL injection flaw combined with PHP tag processing to achieve remote code execution on the server.
SQL Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
spipspip
𝑥
< 4.4.10
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
spip
bullseye
vulnerable
bullseye (security)
vulnerable
forky
4.4.13+dfsg-1
fixed
sid
4.4.13+dfsg-1
fixed
trixie
4.4.11+dfsg-0+deb13u1
fixed
trixie (security)
4.4.13+dfsg-0+deb13u1
fixed
Common Weakness Enumeration
References
https://blog.spip.net/Mise-a-jour-de-securite-sortie-de-SPIP-4-4-10.html
https://git.spip.net/spip/spip
https://www.vulncheck.com/advisories/spip-sql-injection-rce-via-union-php-tags