CVE Catalog

CVE-2026-49079

CriticalCVSS 9.3
Published: Updated: Translated: NVD NIST

Summary

JetSearch versions up to 3.5.17 are vulnerable to unauthenticated SQL injection, potentially allowing unauthorized access to data.

Risk Assessment

An attacker could exploit this vulnerability to manipulate database data, posing a serious threat to the integrity and confidentiality of information within the organization.

Recommendation

It is recommended to upgrade to the latest version of JetSearch to mitigate this vulnerability and conduct a security audit of the application.

Original NVD description (English source)

Unauthenticated SQL Injection in JetSearch <= 3.5.17 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS