CVE-2026-3022

UNKNOWN 0.0

Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma application web

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma web application, specifically in the endpoint 'vets.wakyma.com/hospitalization/generate-hospitalization-summary'. This vulnerability could allow an authenticated user to alter a POST request to the affected endpoint for the purpose of injecting special NoSQL commands, resulting in the attacker being able to obtain customer reports.

CWE	CWE-943
Vendor	wakyma
Product	wakyma application web
Published	Mar 16, 2026
Last Updated	Mar 16, 2026

Stay Ahead of the Next One

Get instant alerts for wakyma wakyma application web

Be the first to know when new unknown vulnerabilities affecting wakyma wakyma application web are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Wakyma / Wakyma application web

all versions

References

NVD ↗ CVE.org ↗ EPSS Data ↗

incibe.es: https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-wakyma-application-web