CVE Catalog

CVE-2026-39596

CriticalCVSS 9.3
Published: Updated: Translated: NVD NIST

Summary

There is an unauthenticated SQL injection vulnerability in Blocksy Companion Pro versions below 2.1.29.

Risk Assessment

An attacker could exploit this vulnerability to gain access to sensitive data in the application's database.

Recommendation

It is recommended to upgrade to version 2.1.29 or newer to mitigate this vulnerability.

Original NVD description (English source)

Unauthenticated SQL Injection in Blocksy Companion Pro < 2.1.29 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS