CVE-2026-38158
CVE-2026-38158 describes an SQL injection in ureport v2.2.9, specifically in the /ureport/datasource/previewData component. The vulnerability could allow an attacker to disclose sensitive database information via crafted SQL statements. The CVSS 3.1 score is 9.8 (CRITICAL), with attack vector NET...