Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2026/06/05 7:14 p.m.11 views

CVE-2026-40832

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getDevicegroups function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

7.1CVSS5.8AI score0.00262EPSS
Exploits0References1
nvd
nvd
added 2026/05/27 8:16 a.m.19 views

CVE-2026-40818

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the mb24configetDevice function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

8.7CVSS0.0032EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/04/02 8:59 a.m.12 views

CVE-2026-33616

An unauthenticated remote attacker can exploit an unauthenticated blind SQL Injection vulnerability in the mb24api endpoint due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

7.5CVSS6.1AI score0.00339EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/03/23 11:16 a.m.3 views

CVE-2026-32969 Pre-Auth Blind SQLi in userinfo Endpoint

An unauthenticated remote attacker can exploit a Pre-Auth blind SQL Injection vulnerability in the userinfo endpoint’s authentication method due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...

7.5CVSS5.9AI score0.00443EPSS
Exploits0References2
Rows per page
Query Builder