CVE-2026-40840
MEDIUM
NVD
CVSS Score
6.5
Severity
MEDIUM
Published
May 27, 2026
Vendor
unknown
Description
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the VerifyCreateLicences function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.