CVE-2026-22558

An Authenticated NoSQL Injection vulnerability found in UniFi Network Application could allow a malicious actor with authenticated access to the network to escalate privileges...

CVE-2026-22558

An Authenticated NoSQL Injection vulnerability found in UniFi Network Application could allow a malicious actor with authenticated access to the network to escalate privileges...

CVE-2026-3023 Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma application web

Non-relational SQL injection vulnerability NoSQLi in the Wakyma web application, specifically in the endpoint 'vets.wakyma.com/pets/print-tags'. This vulnerability could allow an authenticated user to alter a POST request to the affected endpoint for the purpose of injecting NoSQL commands,...

PT-2026-24227

Name of the Vulnerable Software and Affected Versions Parse Server versions prior to 8.6.14 Parse Server versions prior to 9.5.2-alpha.1 Description Parse Server, an open-source backend deployable on Node.js infrastructures, contains a NoSQL injection issue. An unauthenticated attacker can inject...

PT-2024-22326 · Unknown · Yourspotify

Name of the Vulnerable Software and Affected Versions: YourSpotify versions prior to 1.8.0 Description: The issue concerns a NoSQL injection vulnerability in the public access token processing logic. This allows attackers to bypass the public token authentication mechanism without user interactio...