{"id":74638,"date":"2025-09-13T20:04:44","date_gmt":"2025-09-13T20:04:44","guid":{"rendered":""},"modified":"2025-10-11T16:28:47","modified_gmt":"2025-10-11T22:28:47","slug":"cve-2025-58439-critical-sql-injection-vulnerability-in-erp","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-58439-critical-sql-injection-vulnerability-in-erp\/","title":{"rendered":"CVE-2025-58439: Critical SQL Injection Vulnerability in ERP<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

The CVE-2025-58439 is a severe SQL Injection vulnerability that resides within the ERP, a free and widely used open-source Enterprise Resource Planning tool. This vulnerability affects versions below 14.89.2 and from 15.0.0 through 15.75.1 of the software. Given the widespread usage of ERP, this vulnerability has the potential to impact many businesses<\/a> across different sectors, thereby posing a significant threat to data security.
\nThe importance of this vulnerability lies in its potential to compromise systems<\/a> or leak sensitive data. Hence, it’s crucial for businesses and organizations using affected versions of ERP to take immediate action to mitigate this threat.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2025-58439
\nSeverity: Critical (8.1 CVSS v3 Score)
\nAttack Vector: Network
\nPrivileges Required: Low
\nUser Interaction: None
\nImpact: Potential system<\/a> compromise and data leakage<\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n Share secrets securely\r\n <\/h2>\r\n\r\n

\r\n Ameeba is private infrastructure for communication and sensitive work built on encrypted identity instead of exposed corporate identity systems.\r\n <\/p>\r\n\r\n

\r\n Passwords, credentials, confidential files, screenshots, internal discussions, sensitive AI context, and private coordination should not become exposed across ordinary communication platforms.\r\n <\/p>\r\n\r\n