CVE Catalog

CVE-2026-56012

HighCVSS 8.5
Published: Updated: Translated: NVD NIST

Summary

CVE-2026-56012 describes an improper neutralization of special elements used in SQL commands, allowing for Blind SQL Injection attacks in the David Lingren Media Library Assistant application.

Risk Assessment

An attacker could exploit this vulnerability to gain unauthorized access to database information, potentially leading to data leakage or manipulation.

Recommendation

It is recommended to update the Media Library Assistant application to the latest version to mitigate this vulnerability and implement appropriate security measures to protect against SQL Injection attacks.

Original NVD description (English source)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David Lingren Media LIbrary Assistant allows Blind SQL Injection. This issue affects Media LIbrary Assistant: from n/a through 3.35.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS