CVE-2026-50890
UNKNOWN
NVD
CVSS Score
0
Severity
UNKNOWN
Published
Jun 15, 2026
Vendor
unknown
Description
Bernd Bestel grocy v4.6.0 was discovered to contain a SQL injection vulnerability in the product-group parameter at /stockreports/spendings. This vulnerability allows attackers to access sensitive database information via a crafted SQL statement.