CVE-2026-10521
- EPSS 0.31%
- Veröffentlicht 23.06.2026 07:34:10
- Zuletzt bearbeitet 23.06.2026 14:33:10
An high privileged remote attacker can access a hidden configuration method, that should not be accessible by any user, to modify critical program parameters. This can result in a total loss of confidentiality, integrity and availability.
CVE-2026-40850
- EPSS 0.4%
- Veröffentlicht 27.05.2026 08:00:01
- Zuletzt bearbeitet 27.05.2026 14:53:22
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getAccountData function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentialit...
CVE-2026-40849
- EPSS 0.26%
- Veröffentlicht 27.05.2026 07:59:44
- Zuletzt bearbeitet 27.05.2026 14:53:22
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the user_alarmprofile view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.
CVE-2026-40848
- EPSS 0.26%
- Veröffentlicht 27.05.2026 07:59:29
- Zuletzt bearbeitet 27.05.2026 14:53:22
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the tag view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.
CVE-2026-40847
- EPSS 0.26%
- Veröffentlicht 27.05.2026 07:59:14
- Zuletzt bearbeitet 27.05.2026 14:53:22
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the system_tag view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.
CVE-2026-40846
- EPSS 0.26%
- Veröffentlicht 27.05.2026 07:58:59
- Zuletzt bearbeitet 27.05.2026 14:53:22
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the system view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.
CVE-2026-40845
- EPSS 0.26%
- Veröffentlicht 27.05.2026 07:58:44
- Zuletzt bearbeitet 27.05.2026 14:53:22
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the devices_configuration view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidential...
CVE-2026-40844
- EPSS 0.26%
- Veröffentlicht 27.05.2026 07:58:25
- Zuletzt bearbeitet 27.05.2026 14:53:22
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dashboard view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.
CVE-2026-40843
- EPSS 0.26%
- Veröffentlicht 27.05.2026 07:58:05
- Zuletzt bearbeitet 27.05.2026 14:53:22
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the alarming view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.
CVE-2026-40842
- EPSS 0.26%
- Veröffentlicht 27.05.2026 07:57:52
- Zuletzt bearbeitet 27.05.2026 14:53:22
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getWidgetTags function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.