CVE-2026-25240
BaseFortify
Publication date: 2026-02-03
Last updated on: 2026-02-05
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| pear | pearweb | to 1.33.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-25240 is a SQL injection vulnerability in the user::maintains() function of the PEAR framework prior to version 1.33.0.
The vulnerability occurs when role filters are provided as an array and directly interpolated into an SQL IN (...) clause without proper parameter binding or sanitization.
This improper handling allows an attacker who can influence the role strings passed to this function to inject arbitrary SQL code, potentially manipulating the database.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The CVE-2026-25240 vulnerability is a SQL injection flaw that allows unauthorized SQL command execution due to improper sanitization of user inputs. Such vulnerabilities can potentially lead to unauthorized access, modification, or disclosure of sensitive data.
Because of this, affected systems that handle personal or sensitive information may face compliance risks with standards and regulations like GDPR or HIPAA, which require protection of data confidentiality and integrity.
However, the provided information does not explicitly state the impact on compliance with these standards.
How can this vulnerability impact me? :
This vulnerability can lead to unauthorized execution of SQL commands due to insufficient sanitization of user inputs.
An attacker exploiting this flaw could manipulate database queries, potentially accessing, modifying, or deleting sensitive data.
Such unauthorized database access can compromise the integrity and confidentiality of your data and disrupt application functionality.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': 'This vulnerability occurs in the `user::maintains()` function when role filters are provided as an array and interpolated directly into an SQL IN clause without proper parameter binding.'}, {'type': 'paragraph', 'content': 'To detect this vulnerability on your system, you can check the version of the PEAR framework in use and verify if it is prior to version 1.33.0, which contains the patch.'}, {'type': 'paragraph', 'content': 'Additionally, you can audit the source code, specifically the file `include/pear-database-user.php`, to see if the `$role` variable is handled by concatenating array elements into an SQL IN clause without prepared statements.'}, {'type': 'paragraph', 'content': 'For runtime detection, you might monitor SQL queries for suspicious patterns where role filters are passed as arrays and directly interpolated, potentially by enabling query logging on your database server.'}, {'type': 'paragraph', 'content': 'There are no specific commands provided in the resources, but general commands to check the PEAR version or search for vulnerable code patterns could include:'}, {'type': 'list_item', 'content': 'Check PEAR version: `pear version` or check the installed package version via your package manager.'}, {'type': 'list_item', 'content': "Search for vulnerable code pattern: `grep -r 'implode.*IN' include/pear-database-user.php`"}, {'type': 'list_item', 'content': 'Enable and review database query logs to detect suspicious SQL queries involving role filters.'}] [1]
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation step is to upgrade the PEAR framework to version 1.33.0 or later, where this SQL injection vulnerability has been patched.
If upgrading immediately is not possible, review and modify the code in `include/pear-database-user.php` to ensure that role filters are not directly interpolated into SQL queries. Instead, use prepared statements or proper parameter binding to handle arrays in SQL IN clauses.
Additionally, restrict or sanitize any user input that can influence the role filters passed to the `user::maintains()` function to prevent injection of malicious SQL code.
Monitor your systems for unusual database activity that could indicate exploitation attempts.