{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-33088", "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "state": "PUBLISHED", "assignerShortName": "jpcert", "dateReserved": "2026-03-26T01:06:13.982Z", "datePublished": "2026-04-08T08:51:45.916Z", "dateUpdated": "2026-04-08T13:31:08.213Z"}, "containers": {"cna": {"affected": [{"vendor": "Six Apart Ltd.", "product": "Movable Type", "versions": [{"version": "9.1.0 and earlier", "status": "affected"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type", "versions": [{"version": "9.0.6 and earlier", "status": "affected"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type", "versions": [{"version": "8.8.2 and earlier", "status": "affected"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type", "versions": [{"version": "8.0.9 and earlier", "status": "affected"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type Advanced", "versions": [{"version": "9.1.0 and earlier", "status": "affected"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type Advanced", "versions": [{"version": "9.0.6 and earlier", "status": "affected"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type Advanced", "versions": [{"version": "8.8.2 and earlier", "status": "affected"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type Advanced", "versions": [{"version": "8.0.9 and earlier", "status": "affected"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type Premium", "versions": [{"version": "9.1.0 and earlier", "status": "affected"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type Premium", "versions": [{"version": "9.0.6 and earlier", "status": "affected"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type Premium Advanced Edition", "versions": [{"version": "9.1.0 and earlier", "status": "affected"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type Premium Advanced Edition", "versions": [{"version": "9.0.6 and earlier", "status": "affected"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type Premium", "versions": [{"version": "2.14 and earlier", "status": "affected"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type Premium Advanced Edition", "versions": [{"version": "2.14 and earlier", "status": "affected"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type Premium (MT8-based)", "versions": [{"version": "2.14 and earlier", "status": "affected"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type", "versions": [{"version": "5.1 to 5.18", "status": "affected"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type", "versions": [{"version": "5.2", "status": "affected"}, {"version": "5.2.1 to 5.2.13", "status": "affected"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type", "versions": [{"version": "6.0", "status": "affected"}, {"version": "6.0.1 to 6.8.8", "status": "affected"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type", "versions": [{"version": "7 r.4207 to r.5510", "status": "affected"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type", "versions": [{"version": "8.4.0 to 8.4.4", "status": "affected"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type", "versions": [{"version": "1.0 to 1.68", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "Movable Type provided by Six Apart Ltd. contains an SQL Injection vulnerability which may allow an attacker to execute an arbitrary SQL statement."}], "problemTypes": [{"descriptions": [{"description": "Improper neutralization of special elements used in an SQL command ('SQL Injection')", "lang": "en-US", "cweId": "CWE-89", "type": "CWE"}]}], "references": [{"url": "https://movabletype.org/news/2026/04/mt-907-released.html"}, {"url": "https://www.sixapart.jp/movabletype/news/2026/04/08-1100.html"}, {"url": "https://jvn.jp/en/jp/JVN66473735/"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV3_0": {"version": "3.0", "baseSeverity": "HIGH", "baseScore": 7.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}}, {"format": "CVSS", "scenarios": [{"lang": "en-US", "value": "GENERAL"}], "cvssV4_0": {"version": "4.0", "baseSeverity": "MEDIUM", "baseScore": 6.9, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N"}}], "providerMetadata": {"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert", "dateUpdated": "2026-04-08T08:51:45.916Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-08T13:31:00.450725Z", "id": "CVE-2026-33088", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-08T13:31:08.213Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-33088", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-08T13:31:00.450725Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-08T13:31:04.830Z"}}], "cna": {"metrics": [{"format": "CVSS", "cvssV3_0": {"version": "3.0", "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV4_0": {"version": "4.0", "baseScore": 6.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N"}, "scenarios": [{"lang": "en-US", "value": "GENERAL"}]}], "affected": [{"vendor": "Six Apart Ltd.", "product": "Movable Type", "versions": [{"status": "affected", "version": "9.1.0 and earlier"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type", "versions": [{"status": "affected", "version": "9.0.6 and earlier"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type", "versions": [{"status": "affected", "version": "8.8.2 and earlier"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type", "versions": [{"status": "affected", "version": "8.0.9 and earlier"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type Advanced", "versions": [{"status": "affected", "version": "9.1.0 and earlier"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type Advanced", "versions": [{"status": "affected", "version": "9.0.6 and earlier"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type Advanced", "versions": [{"status": "affected", "version": "8.8.2 and earlier"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type Advanced", "versions": [{"status": "affected", "version": "8.0.9 and earlier"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type Premium", "versions": [{"status": "affected", "version": "9.1.0 and earlier"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type Premium", "versions": [{"status": "affected", "version": "9.0.6 and earlier"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type Premium Advanced Edition", "versions": [{"status": "affected", "version": "9.1.0 and earlier"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type Premium Advanced Edition", "versions": [{"status": "affected", "version": "9.0.6 and earlier"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type Premium", "versions": [{"status": "affected", "version": "2.14 and earlier"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type Premium Advanced Edition", "versions": [{"status": "affected", "version": "2.14 and earlier"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type Premium (MT8-based)", "versions": [{"status": "affected", "version": "2.14 and earlier"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type", "versions": [{"status": "affected", "version": "5.1 to 5.18"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type", "versions": [{"status": "affected", "version": "5.2"}, {"status": "affected", "version": "5.2.1 to 5.2.13"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type", "versions": [{"status": "affected", "version": "6.0"}, {"status": "affected", "version": "6.0.1 to 6.8.8"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type", "versions": [{"status": "affected", "version": "7 r.4207 to r.5510"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type", "versions": [{"status": "affected", "version": "8.4.0 to 8.4.4"}]}, {"vendor": "Six Apart Ltd.", "product": "Movable Type", "versions": [{"status": "affected", "version": "1.0 to 1.68"}]}], "references": [{"url": "https://movabletype.org/news/2026/04/mt-907-released.html"}, {"url": "https://www.sixapart.jp/movabletype/news/2026/04/08-1100.html"}, {"url": "https://jvn.jp/en/jp/JVN66473735/"}], "descriptions": [{"lang": "en", "value": "Movable Type provided by Six Apart Ltd. contains an SQL Injection vulnerability which may allow an attacker to execute an arbitrary SQL statement."}], "problemTypes": [{"descriptions": [{"lang": "en-US", "type": "CWE", "cweId": "CWE-89", "description": "Improper neutralization of special elements used in an SQL command ('SQL Injection')"}]}], "providerMetadata": {"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert", "dateUpdated": "2026-04-08T08:51:45.916Z"}}}, "cveMetadata": {"cveId": "CVE-2026-33088", "state": "PUBLISHED", "dateUpdated": "2026-04-08T13:31:08.213Z", "dateReserved": "2026-03-26T01:06:13.982Z", "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "datePublished": "2026-04-08T08:51:45.916Z", "assignerShortName": "jpcert"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Movable Type provided by Six Apart Ltd. contains an SQL Injection vulnerability which may allow an attacker to execute an arbitrary SQL statement."}], "id": "CVE-2026-33088", "lastModified": "2026-04-08T21:26:35.910", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.4, "source": "vultures@jpcert.or.jp", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "vultures@jpcert.or.jp", "type": "Secondary"}]}, "published": "2026-04-08T09:16:21.213", "references": [{"source": "vultures@jpcert.or.jp", "url": "https://jvn.jp/en/jp/JVN66473735/"}, {"source": "vultures@jpcert.or.jp", "url": "https://movabletype.org/news/2026/04/mt-907-released.html"}, {"source": "vultures@jpcert.or.jp", "url": "https://www.sixapart.jp/movabletype/news/2026/04/08-1100.html"}], "sourceIdentifier": "vultures@jpcert.or.jp", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "vultures@jpcert.or.jp", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-08T11:05:37.871563+00:00", "value": {"mitigation_remediation": ["Verify whether Six\u202fApart has released a patch that addresses this SQL injection vulnerability and apply it immediately.", "If a patch is unavailable, limit the database account used by Movable\u202fType to the minimal privileges required for normal operation.", "Deploy input validation or a web application firewall rule set to block common SQL injection patterns."], "summary": {"action": "Apply Patch", "impact": "SQL injection allowing arbitrary SQL execution"}, "threat_synthesis": {"affected_systems": "All editions of Movable\u202fType released by Six\u202fApart Ltd\u2014standard, Advanced, Premium, Premium Advanced Edition and the MT8\u2011based Premium build\u2014are affected. No specific product versions are listed; therefore any publicly accessible installation may be vulnerable until a fix is applied.", "description_and_impact": "Movable\u202fType, a content management system from Six\u202fApart Ltd., contains an SQL injection flaw. The vulnerability permits attackers to execute arbitrary SQL statements against the application\u2019s database, potentially exposing, modifying, or deleting sensitive data and compromising the integrity of stored information.", "risk_and_exploitability": "The CVSS score of 6.9 indicates medium severity, while no EPSS score or CISA KEV listing is available. The advisory does not state authentication requirements, so it is inferred that the injection can be triggered via web input, implying a remote attack vector over the public network. If the database credentials used by Movable\u202fType possess high privileges, exploitation could lead to full data compromise."}}}}, "created": "2026-04-08T19:39:59.791974+00:00", "title": "SQL Injection in Movable\u202fType Enables Arbitrary Database Access", "updated": "2026-04-08T19:39:59.792002+00:00", "vendors": []}