CVE Catalog

CVE-2026-54822

HighCVSS 8.5
Published: Updated: Translated: NVD NIST

Summary

Subscriber SQL Injection vulnerability in SALESmanago and Leadoo versions up to 3.11.2 allows unauthorized access to the database through malicious SQL query injection.

Risk Assessment

An attacker could gain access to sensitive data, potentially leading to a loss of confidentiality and financial losses for the organization.

Recommendation

It is recommended to upgrade to the latest version of the software to mitigate this vulnerability and conduct a security audit of the database.

Original NVD description (English source)

Subscriber SQL Injection in SALESmanago & Leadoo <= 3.11.2 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS