CVE-2026-42474 | THREATINT

Description

SQL injection vulnerability in MixPHP Framework 2.x thru 2.2.17 via crafted `data` array to the data function in BuildHelper.php.

PUBLISHED Reserved 2026-04-27 | Published 2026-05-01 | Updated 2026-05-01 | Assigner mitre

References

github.com/mix-php/mix

github.com/...2.2.17/src/database/src/Helper/BuildHelper.php

gist.github.com/sgInnora/fa46386840fe978a30d7e53c458f2975

cve.org (CVE-2026-42474)

nvd.nist.gov (CVE-2026-42474)

Download JSON

help @ threatint.eu