CVE-2026-5148 - Vulnerability Details

Description

A weakness has been identified in YunaiV yudao-cloud up to 2026.01. This vulnerability affects unknown code of the file /admin-api/system/mail-log/page. This manipulation of the argument toMail causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

Published: 2026-03-30

Score: 5.1 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

This vulnerability allows an attacker to inject arbitrary SQL through the toMail argument in the /admin-api/system/mail-log/page endpoint of YunaiV yudao‑cloud. The injection could lead to unauthorized data disclosure, data modification, or other destructive database actions, impacting confidentiality and integrity of the underlying data store. The weakness is classified as CWE‑74 (HTML “String” to HTML conversion) and CWE‑89 (SQL Injection).

Affected Systems

YunaiV yudao‑cloud versions up to 2026.01 are affected. The specific product is the public web application provided by YunaiV; no further sub‑components are listed in public CVE data.

Risk and Exploitability

The CVSS score is 5.1, indicating a medium impact level. The EPSS score is not available, so exploitation probability cannot be quantified. The vulnerability is not in CISA’s KEV catalog. Attackers can trigger the injection remotely, as the vulnerability description explicitly states that the attack can be initiated remotely. No workload or privilege requirements are mentioned, suggesting that the endpoint is reachable from the public network or at least from any authenticated admin session.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

YunaiV

yudao-cloud

affected

Version	Status	Constraints
`2026.01`	affected	—

No data.

Vendor Product Confidence Versions

Yunaiv

Yudao-cloud

100%

Version	Status	Scheme	Platform
`2026.01`	affected	generic	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Check for an official patch or update for YunaiV yudao‑cloud 2026.01 or later and apply it as soon as possible.
If a vendor fix is not yet available, restrict network access to the /admin-api/system/mail-log/page endpoint to trusted administrators only.
Implement input validation or sanitization on the toMail parameter to block injection patterns before they reach the database layer.
Monitor logs for anomalous SQL activity or failed login attempts that could indicate exploitation attempts.
Consider applying a web application firewall rule that blocks apparent SQL injection payloads on the affected endpoint.

Generated by OpenCVE AI on March 31, 2026 at 04:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

Attack Vector Network

Attack Complexity Low

Privileges Required High

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Multiple

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.00027.

Exploitation none

Automatable no

Technical Impact partial

References

Link	Providers
https://github.com/NarcherAlter/Security_Note/blob/main/Vulnerability_Discovery/yudaoCloudv2026.01.md#
https://github.com/NarcherAlter/Security_Note/blob/main/Vulnerability_Discovery/yudaoCloudv2026.01.md#admin-apisystemmail-logpage
https://vuldb.com/submit/780192
https://vuldb.com/vuln/354182
https://vuldb.com/vuln/354182/cti

History

Wed, 01 Apr 2026 23:45:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 01 Apr 2026 02:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Yunaiv Yunaiv yudao-cloud
Vendors & Products		Yunaiv Yunaiv yudao-cloud

Mon, 30 Mar 2026 20:15:00 +0000

Type	Values Removed	Values Added
Description		A weakness has been identified in YunaiV yudao-cloud up to 2026.01. This vulnerability affects unknown code of the file /admin-api/system/mail-log/page. This manipulation of the argument toMail causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Title		YunaiV yudao-cloud page sql injection
Weaknesses		CWE-74 CWE-89
References		https://github.com/NarcherAlter/Security_Note/blob/main/Vulnerability_Discovery/yudaoCloudv2026.01.md# https://github.com/NarcherAlter/Security_Note/blob/main/Vulnerability_Discovery/yudaoCloudv2026.01.md#admin-apisystemmail-logpage https://vuldb.com/submit/780192 https://vuldb.com/vuln/354182 https://vuldb.com/vuln/354182/cti
Metrics		cvssV2_0 `{'score': 5.8, 'vector': 'AV:N/AC:L/Au:M/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}` cvssV3_0 `{'score': 4.7, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}` cvssV3_1 `{'score': 4.7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}` cvssV4_0 `{'score': 5.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}`

Subscriptions

Yunaiv Yudao-cloud

MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2026-03-30T19:45:10.473Z

Updated: 2026-04-01T18:25:55.211Z

Reserved: 2026-03-30T13:23:50.931Z

Link: CVE-2026-5148

Vulnrichment

Updated: 2026-04-01T18:25:50.703Z

NVD

Status : Awaiting Analysis

Published: 2026-03-30T20:16:23.863

Modified: 2026-04-01T14:24:21.833

Link: CVE-2026-5148

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-31T20:40:15Z

Weaknesses

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required High

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact Low

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact Low

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Access Vector Network

Access Complexity Low

Authentication Multiple

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Exploitation none

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object