CVE-2026-25606

UNKNOWN 0.0

SQL Injection in STER

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

9th

A SQL injection vulnerability has been identified in STER. Improper neutralization of input provided by user into multiple Search Filters allows for SQL Injection attacks. It allows an authenticated attacker to view sensitive data such as data belonging to other users, or any other data that the application itself is able to access This issue was fixed in version 9.5.

CWE	CWE-89
Vendor	centralny instytut ochrony pracy - państwowy instytut badawczy
Product	ster
Published	May 22, 2026
Last Updated	May 22, 2026

Stay Ahead of the Next One

Get instant alerts for centralny instytut ochrony pracy - państwowy instytut badawczy ster

Be the first to know when new unknown vulnerabilities affecting centralny instytut ochrony pracy - państwowy instytut badawczy ster are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Centralny Instytut Ochrony Pracy - Państwowy Instytut Badawczy / STER

0 < 9.5

References

NVD ↗ CVE.org ↗ EPSS Data ↗

cert.pl: https://cert.pl/posts/2026/05/CVE-2026-25606 ciop.pl: https://www.ciop.pl/CIOPPortalWAR/appmanager/ciop/pl?_nfpb=true&_pageLabel=P52000165211572544981480

Credits

Michelin CERT