CVE Catalog

CVE-2026-56062

CriticalCVSS 9.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.24%

15th percentile — higher than 15% of all known CVEs

Summary

Unauthenticated SQL injection vulnerability in Quotes llama plugin versions up to 3.1.5. An attacker without authentication can execute arbitrary SQL queries.

Risk Assessment

Risk includes unauthorized database access, sensitive data leakage, and potential system takeover.

Recommendation

Immediately update the Quotes llama plugin to version 3.1.6 or later, which includes a fix for this vulnerability.

Original NVD description (English source)

Unauthenticated SQL Injection in Quotes llama <= 3.1.5 versions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS