CVE-2026-40813

HIGH NVD

CVSS Score 7.5

Severity HIGH

Published May 27, 2026

Vendor unknown

Description

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getLiveValues functions tagid parameter due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

References

https://www.certvde.com/en/advisories/VDE-2026-044/