SQL Injection in Macwarrior Clipbucket-v5
CVE-2026-42847
ClipBucket v5 is an open source video sharing platform. Prior to 5.5.3 - #122, there is a critical SQL Injection (SQLi) vulnerability in ClipBucket, exploitable through the type parameter on the authenticated admin endpoint admin_area/acti…
Vulnerability class: SQL Injection
EPSS: 0.000 (10.3th percentile) — read the EPSS interpretation.
Affected products
- Macwarrior Clipbucket-v5 — versions < 5.5.3 - #122
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)