CVE Catalog

CVE-2026-54818

HighCVSS 8.5
Published: Updated: Translated: NVD NIST

Summary

CVE-2026-54818 describes an improper neutralization of special elements used in an SQL command, allowing for Blind SQL Injection in Slimstat Analytics.

Risk Assessment

An attacker could exploit this vulnerability to gain unauthorized access to database data, potentially leading to serious security breaches.

Recommendation

It is recommended to update Slimstat Analytics to the latest version to mitigate this vulnerability and implement additional security measures such as input validation.

Original NVD description (English source)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VeronaLabs Slimstat Analytics allows Blind SQL Injection. This issue affects Slimstat Analytics: from n/a through 5.4.11.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS