CVE Catalog

CVE-2026-22332

CriticalCVSS 9.3
Published: Updated: Translated: NVD NIST

Summary

There is an unauthenticated SQL injection vulnerability in Tutor LMS Pro versions up to 3.9.6.

Risk Assessment

An attacker could exploit this vulnerability to gain access to database data, potentially leading to serious security breaches.

Recommendation

It is recommended to update to the latest version of Tutor LMS Pro to mitigate this vulnerability.

Original NVD description (English source)

Unauthenticated SQL Injection in Tutor LMS Pro <= 3.9.6 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS