CVE-2026-42096

8.8 HIGH

Sparx Pro Cloud Server is vulnerable to Broken Access Control within communication with the database

Published: 2026-05-19 · Last updated: 2026-06-02

Severity and scoring

CVSS: 8.8 HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-863

Affected products

Vendor	Product
sparxsystems	pro_cloud_server

Description

Sparx Pro Cloud Server is vulnerable to Broken Access Control within communication with the database. Due to lack of permission checks, any low privileged user can run arbitrary SQL queries within database user context. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.1 (build 167) and below were tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-42096
[Other]https://cert.pl/en/posts/2026/05/CVE-2026-42096
[Other]https://efigo.pl/blog/CVE-2026-42096/
[Other]https://sparxsystems.com/products/procloudserver/
[Exploit reference]https://sploit.tech/2026/05/19/Sparx-Enterprise-Architect-PCS.html

Related CVEs

Same vendor

CVE-2026-42100 — Improper Handling of Syntactically Invalid Structure in Sparx Pro Cloud Server allows Denial of Service (DoS) attack to be executed by se... (7.5 HIGH)
CVE-2026-42099 — Sparx Pro Cloud Server is vulnerable to a Race Condition in the /data_api/dl_internal_artifact.php endpoint (7.5 HIGH)
CVE-2026-42097 — Sparx Pro Cloud Server requires authentication based on requested URL (8.8 HIGH)
CVE-2025-15625 — Unauthenticated user is able to execute arbitrary SQL commands in Sparx Pro Cloud Server database in certain cases (9.8 CRITICAL)
CVE-2025-15624 — Plaintext Storage of a Password vulnerability in Sparx Systems Pty Ltd (7.5 HIGH)

Same CWE

CVE-2026-47238 — ClipBucket v5 is an open source video sharing platform (6.5 MEDIUM)
CVE-2026-53809 — OpenClaw before 2026.4.25 contains a policy bypass vulnerability in embedded runner policy that allows requests using provider aliases to... (3.8 LOW)
CVE-2026-53808 — OpenClaw before 2026.5.6 contains an approval policy bypass vulnerability in the Skill Workshop apply flow that allows agent tool calls t... (6.5 MEDIUM)
CVE-2026-53807 — OpenClaw before 2026.5.6 contains an authorization bypass vulnerability in Telegram interactive callbacks that allows authenticated users... (8.8 HIGH)
CVE-2026-46519 — mcp-server-kubernetes is a Model Context Protocol server for Kubernetes cluster management (8.8 HIGH)