CVE 9.6 CRITICAL

Migration-planner: second-order sql injection via rvtools upload_CVE-2026-53474

June 10, 2026 invoker category_cve

9.6 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N

Description

A flaw was found in migration-planner. A remote authenticated attacker could exploit this vulnerability by uploading a specially crafted RVTools .xlsx file. Due to improper input sanitization, malicious SQL embedded within a spreadsheet cell is executed when cluster names are processed. This SQL Injection allows for arbitrary file reading on the system, potentially exposing sensitive information such as Kubernetes service account tokens and other credentials, which could lead to a full compromise of the SaaS environment.

AI Analysis

SQL Injection vulnerability in migration-planner via RVTools upload, allowing arbitrary file reading and potentially exposing sensitive information

Basic Information

ID CVE-2026-53474

Source redhat

Published Jun 10, 2026 at 13:55

Affected Product

Vendor KubeV2V

Product migration-planner

Affected Versions 0

CWE Classification

CWE-89

AI Assessment

AI Score 9.6 / 10

AI Severity Critical

Vendor KubeV2V

Product migration-planner

References

{
    "lastseen": "",
    "description": "A flaw was found in migration-planner. A remote authenticated attacker could exploit this vulnerability by uploading a specially crafted RVTools .xlsx file. Due to improper input sanitization, malicious SQL embedded within a spreadsheet cell is executed when cluster names are processed. This SQL Injection allows for arbitrary file reading on the system, potentially exposing sensitive information such as Kubernetes service account tokens and other credentials, which could lead to a full compromise of the SaaS environment.",
    "published": "2026-06-10T13:55:38.943Z",
    "modified": "2026-06-10T13:55:38.943Z",
    "type": "cve",
    "title": "Migration-planner: second-order sql injection via rvtools upload",
    "source": "redhat",
    "references": "https://access.redhat.com/security/cve/CVE-2026-53474\nhttps://bugzilla.redhat.com/show_bug.cgi?id=2487231\nhttps://github.com/kubev2v/migration-planner/pull/1231",
    "id": "CVE-2026-53474",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89"
    ],
    "cvelist": null,
    "sourceData": "  0",
    "sourceHref": "",
    "cvss": {
        "score": 9.6,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "migration-planner",
    "version": "0",
    "vendor": "KubeV2V",
    "ai_description": "SQL Injection vulnerability in migration-planner via RVTools upload, allowing arbitrary file reading and potentially exposing sensitive information",
    "ai_severity": "Critical",
    "ai_vendor": "KubeV2V",
    "ai_product": "migration-planner",
    "ai_version": "0",
    "ai_score": 9.6
}

💭 Join the Security Discussion ❌ Cancel Reply