CVE-2026-8771: High-Severity SQL Injection in linlinjava litemall
The National Vulnerability Database has disclosed CVE-2026-8771, a high-severity SQL injection vulnerability affecting linlinjava litemall up to version 1.8.0. Specifically, the flaw resides in the list function within the WxGoodsController.java file of the litemall-wx-api component.
This vulnerability allows for remote exploitation, enabling attackers to manipulate the application and inject malicious SQL queries. The National Vulnerability Database indicates that an exploit for CVE-2026-8771 has been publicly released, significantly increasing the immediate risk for affected systems. The vendor, linlinjava, reportedly did not respond to initial disclosure attempts.
The CVSSv3.1 score for CVE-2026-8771 is 7.3 (HIGH), with a vector of AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L. This means the vulnerability is exploitable over the network with low attack complexity, no privileges and no user interaction, and has a low (partial) impact on each of confidentiality, integrity and availability. The associated CWEs are CWE-74 (Improper Neutralization of Special Elements in Output Used by a Different Context) and CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')).
What This Means For You
- If your organization uses linlinjava litemall, particularly versions up to 1.8.0, you are exposed to a critical SQL injection risk. With a public exploit available, attackers can immediately target your systems. Prioritize patching or mitigating `WxGoodsController.java` to prevent data compromise and unauthorized access.
🛡️ Detection Rules
CVE-2026-8771: SQL Injection in litemall WeChat API Goods Controller
```yaml
title: 'CVE-2026-8771: SQL Injection in litemall WeChat API Goods Controller'
id: scw-2026-05-18-ai-1
status: experimental
level: critical
description: |
  Detects attempts to exploit CVE-2026-8771 by targeting the '/wx/goods/list' endpoint in the litemall WeChat API. The rule looks for common SQL injection patterns within the query string, indicating a potential exploitation of the vulnerability in org.linlinjava.litemall.wx.web.WxGoodsController.java.
author: SCW Feed Engine (AI-generated)
date: 2026-05-18
references:
  - https://shimiscyberworld.com/posts/nvd-CVE-2026-8771/
tags:
  - attack.initial_access
  - attack.t1190
logsource:
  category: webserver
detection:
  selection:
    cs-uri:
      - '/wx/goods/list'
    cs-uri-query|contains:
      - "' OR 1=1 --"
      - "' OR 'a'='a' --"
      - "' UNION SELECT"
    cs-method:
      - 'GET'
  condition: selection
falsepositives:
  - Legitimate administrative activity
```
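To see how this rule behaves against web-server logs, the following is an added Python example (not part of this page, the Sigma rule, or the litemall project) that applies the rule's selection to a few constructed W3C-style log lines; the log layout and the sample query strings are assumptions. It also URL-decodes the query before matching, which the rule as written does not do, to show that an encoded request would otherwise slip past the literal `contains` patterns.

```python
from urllib.parse import unquote_plus

# Selection values copied from the Sigma rule above.
TARGET_URI = "/wx/goods/list"
TARGET_METHOD = "GET"
SQLI_PATTERNS = ["' OR 1=1 --", "' OR 'a'='a' --", "' UNION SELECT"]

# Constructed sample lines (not real traffic), W3C-style fields:
# date time cs-method cs-uri-stem cs-uri-query sc-status
LOG_LINES = [
    "2026-05-18 03:20:11 GET /wx/goods/list keyword=phone&page=1 200",
    "2026-05-18 03:21:45 GET /wx/goods/list keyword='+OR+1=1+-- 200",
    "2026-05-18 03:22:02 GET /wx/goods/list keyword=%27%20UNION%20SELECT%201 500",
    "2026-05-18 03:22:30 GET /wx/cart/index - 200",
    "2026-05-18 03:23:05 POST /wx/goods/list keyword='+OR+1=1+-- 405",
]

def parse_log_line(line):
    """Split one W3C-style line into the fields the rule needs; '-' means empty."""
    parts = line.split()
    if len(parts) < 6:
        return None
    _date, _time, method, stem, query, status = parts[:6]
    return {"cs-method": method, "cs-uri": stem,
            "cs-uri-query": "" if query == "-" else query, "sc-status": status}

def matches_rule(event, decode=True):
    """Apply the rule's selection. Sigma string matching is case-insensitive,
    so both sides are upper-cased. decode=True additionally URL-decodes the
    query first; that step is an assumption beyond the rule as written."""
    if event["cs-method"] != TARGET_METHOD or event["cs-uri"] != TARGET_URI:
        return False
    query = unquote_plus(event["cs-uri-query"]) if decode else event["cs-uri-query"]
    query = query.upper()
    return any(p.upper() in query for p in SQLI_PATTERNS)

def scan(lines, decode=True):
    """Return the log lines that trigger the rule."""
    hits = []
    for line in lines:
        event = parse_log_line(line)
        if event and matches_rule(event, decode):
            hits.append(line)
    return hits

if __name__ == "__main__":
    print("raw match:", len(scan(LOG_LINES, decode=False)))      # 0
    print("decoded match:", len(scan(LOG_LINES, decode=True)))   # 2
```

Without decoding, the two encoded requests in the sample produce no hit at all, so a production version of this rule should run after URL-decoding or include encoded variants of each pattern.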
Indicators of Compromise
| ID | Type | Indicator |
|---|---|---|
| CVE-2026-8771 | SQLi | linlinjava litemall up to 1.8.0 |
| CVE-2026-8771 | SQLi | litemall-wx-api/src/main/java/org/linlinjava/litemall/wx/web/WxGoodsController.java |
| CVE-2026-8771 | SQLi | function list in WxGoodsController.java |
| CVE-2026-8771 | SQLi | Component: Front-end WeChat API |
Source & Attribution
| Field | Value |
|---|---|
| Source Platform | NVD |
| Channel | National Vulnerability Database |
| Published | May 18, 2026 at 03:16 UTC |
This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.