CVE-2026-24913

HIGH NVD

CVSS Score 8.8

Severity HIGH

Published Apr 08, 2026

Vendor unknown

Description

SQL Injection vulnerability exists in MATCHA INVOICE 2.6.6 and earlier. If this vulnerability is exploited, information stored in the database may be obtained or altered by a user who can log in to the product.

References

https://jvn.jp/en/jp/JVN33581068/
https://oss.icz.co.jp/news/?p=1386