NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-42100

Summary	Improper Handling of Syntactically Invalid Structure in Sparx Pro Cloud Server allows Denial of Service (DoS) attack to be executed by sending an specially crafted SQL query. This causes the Pro Cloud Server service to terminate unexpectedly. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.1 (build 167) and below were tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.
Publication Date	May 19, 2026, 11:16 p.m.
Registration Date	May 20, 2026, 4:12 a.m.
Last Update	May 19, 2026, 11:45 p.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://cert.pl/en/posts/2026/05/CVE-2026-42096	cvd@cert.pl
2	https://efigo.pl/blog/CVE-2026-42096/	cvd@cert.pl
3	https://sparxsystems.com/products/procloudserver/	cvd@cert.pl
4	https://sploit.tech/2026/05/19/Sparx-Enterprise-Architect-PCS.html	cvd@cert.pl

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-228	不正な構文構造の不適切な処理	https://cwe.mitre.org/data/definitions/228.html