CVE-2026-41478
CVE-2026-41478 summary (Saltcorn). Saltcorn prior to 1.4.6, 1.5.6, and 1.6.0-beta.5 contains a SQL injection in the mobile-sync endpoints that can be triggered by an authenticated, low-privilege user with read access to at least one table. The vulnerability allows injection of arbitrary SQL via s...