← Back to all CVEs

CVE-2026-32969

HIGH NVD
CVSS Score 7.5
Severity HIGH
Published Mar 23, 2026
Vendor unknown

Description

An unauthenticated remote attacker can exploit a Pre-Auth blind SQL Injection vulnerability in the userinfo endpoint’s authentication method due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

References