Digiwin Easyflow .Net
7 CVEs affecting Digiwin Easyflow .Net. Latest disclosed: 2026-04-20. Critical: 4, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-5964 | Critical | 9.8 | 2026-04-20 | EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modif… |
CVE-2026-5963 | Critical | 9.8 | 2026-04-20 | EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modif… |
CVE-2024-5311 | Critical | 9.8 | 2024-06-03 | DigiWin EasyFlow .NET lacks validation for certain input parameters. An unauthenticated remote attacker can inject arbitrary SQL commands to read, modify, and… |
CVE-2024-4893 | Critical | 9.8 | 2024-05-15 | DigiWin EasyFlow .NET lacks validation for certain input parameters, allowing remote attackers to inject arbitrary SQL commands. This vulnerability enables una… |
CVE-2025-11949 | High | 7.5 | 2025-10-21 | EasyFlow .NET and EasyFlow AiNet, developed by Digiwin, has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to obtain databas… |
CVE-2025-12503 | Medium | 6.5 | 2025-11-03 | EasyFlow .NET and EasyFlow AiNet developed by Digiwin has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL comman… |
CVE-2024-7323 | Medium | 6.5 | 2024-08-02 | Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the functionality do not adequately filter user input. A remote attacker with… |