Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
AutohomeCorp frostmourne: SQL Injection in Alarm Preview Function
CVE-2026-5563
Summary
A security flaw in AutohomeCorp frostmourne version 1.0 allows attackers to inject malicious SQL code, potentially stealing sensitive data or taking control of the system. This vulnerability can be exploited remotely, and an exploit has been made public, increasing the risk of attacks. Update to a fixed version of frostmourne to protect against this threat.
Original title
A security flaw has been discovered in AutohomeCorp frostmourne up to 1.0. Affected is the function httpTest of the file /api/monitor-api/alarm/previewData of the component Alarm Preview. The manip...
Original description
A security flaw has been discovered in AutohomeCorp frostmourne up to 1.0. Affected is the function httpTest of the file /api/monitor-api/alarm/previewData of the component Alarm Preview. The manipulation results in sql injection. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks.
nvd CVSS2.0
6.5
nvd CVSS3.1
6.3
nvd CVSS4.0
5.3
Vulnerability type
CWE-74
Injection
CWE-89
SQL Injection
Published: 5 Apr 2026 · Updated: 5 Apr 2026 · First seen: 5 Apr 2026