HomeCVE Intelligence › CVE-2026-44521
CVSS 8.8 HIGH Vulnerability

CVE-2026-44521: elFinder MySQL has a SQL Injection in its Volume Driver (elFinderVolumeMySQL)

Summary An authenticated SQL injection vulnerability in the elFinder MySQL volume driver (elFinderVolumeMySQL) allows any logged-in user, including users with read-only access to the affected volume, to inject SQL throu…

8.8CVSS Score
HIGHSeverity
NOCISA KEV
VulnerabilityImpact Type

📋 Vulnerability Details

CVE IDCVE-2026-44521
Vendorcomposer
Affected Productstudio-42/elfinder
Vulnerability TypeVulnerability
CVSS Score8.8 (HIGH)
Actively Exploited❌ No known exploitation
Patch StatusSee Vendor Advisory →
Reported ByCYBERDUDEBIVASH SENTINEL APEX Intelligence (via github_advisories)

🔬 Technical Analysis

#

Summary An authenticated SQL injection vulnerability in the elFinder MySQL volume driver (elFinderVolumeMySQL) allows any logged-in user, including users with read-only access to the affected volume, to inject SQL through a crafted target file hash. Successful exploitation can lead to unauthorized data disclosure and denial of service. This vulnerability only affects installations configured to use the MySQL volume driver. Installations using the default LocalFileSystem driver are not affected.

Description A vulnerability in elFinder's MySQL volume driver (elFinderVolumeMySQL) allows authenticated SQL injection through a crafted file hash passed via the target parameter. The issue is caused by two behaviors working together:

1. File hashes are decoded without validating t

📚 Advisory References

⚡ DETECTION RULES AVAILABLE

Get CVE-2026-44521 Detection Pack

Sigma rules, YARA signatures, IOC table, and SIEM queries for Splunk, Elastic, Sentinel, and Chronicle — deployable in 5 minutes.

✓ Sigma Rules ✓ YARA Pack ✓ IOC Table ✓ SIEM Queries
🛡️ Get Detection Pack → 🔌 Access via API →

🔗 Related Intelligence