Shelf: SQL Injection via sortBy Parameter_CVE-2026-44204

6.5 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Description

Shelf is a platform for tracking physical assets. From 1.12 to before 1.20.1, a SQL injection vulnerability in the sortBy query parameter on the /assets route allows any authenticated user (any role) to execute arbitrary SQL and read data from any table in the database, including data belonging to other organizations. This vulnerability is fixed in 1.20.1.

Basic Information

ID CVE-2026-44204

Source GitHub_M

Published May 12, 2026 at 17:45

Affected Product

Vendor Shelf-nu

Product shelf.nu

Version >= 1.12, < 1.20.1

Affected Versions Shelf-nu shelf.nu >= 1.12, < 1.20.1

CWE Classification

CWE-20 CWE-89

References

{
    "lastseen": "",
    "description": "Shelf is a platform for tracking physical assets. From 1.12 to before 1.20.1, a SQL injection vulnerability in the sortBy query parameter on the /assets route allows any authenticated user (any role) to execute arbitrary SQL and read data from any table in the database, including data belonging to other organizations. This vulnerability is fixed in 1.20.1.",
    "published": "2026-05-12T17:45:58.504Z",
    "modified": "2026-05-12T17:45:58.504Z",
    "type": "cve",
    "title": "Shelf: SQL Injection via sortBy Parameter",
    "source": "GitHub_M",
    "references": "https://github.com/Shelf-nu/shelf.nu/security/advisories/GHSA-69xv-wmgg-3qp3\nhttps://github.com/Shelf-nu/shelf.nu/commit/5d35c15856dbf267fab4dccafd077ee7a6fa6f40",
    "id": "CVE-2026-44204",
    "bulletinFamily": "",
    "cwe": [
        "CWE-20",
        "CWE-89"
    ],
    "cvelist": null,
    "sourceData": "Shelf-nu shelf.nu >= 1.12, < 1.20.1",
    "sourceHref": "",
    "cvss": {
        "score": 6.5,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "shelf.nu",
    "version": ">= 1.12, < 1.20.1",
    "vendor": "Shelf-nu",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}