🔐 CVE Alert

CVE-2026-1198

UNKNOWN 0.0

SQL Injection in SIMPLE.ERP

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

SIMPLE.ERP is vulnerable to the SQL Injection in search functionality in "Obroty na kontach" window. Lack of input validation allows an authenticated attacker to prepare a malicious query to the database that will be executed. This issue was fixed in [email protected]_u06.

CWE CWE-89
Vendor simple sa
Product simple.erp
Published Feb 26, 2026
Last Updated Feb 26, 2026
Stay Ahead of the Next One

Get instant alerts for simple sa simple.erp

Be the first to know when new unknown vulnerabilities affecting simple sa simple.erp are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Simple SA / Simple.ERP
0 < [email protected]_u06

References

NVD ↗ CVE.org ↗ EPSS Data ↗
simple.com.pl: https://simple.com.pl/ cert.pl: https://cert.pl/posts/2026/02/CVE-2026-1198

Credits

Kamil Dąbkowski