CVE-2026-40546

UNKNOWN 0.0

Multiple SQL Injections in SOPlanning

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

9th

SOPlanning is vulnerable to SQL Injection across multiple endpoints and parameters. Attacker with low privileges can inject arbitrary SQL commands, potentially gaining full control over the database. This issue affects SOPlanning version 1.55 and below.

CWE	CWE-89
Vendor	soplanning
Product	soplanning
Published	Jun 1, 2026
Last Updated	Jun 1, 2026

Stay Ahead of the Next One

Get instant alerts for soplanning soplanning

Be the first to know when new unknown vulnerabilities affecting soplanning soplanning are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

SOPlanning / SOPlanning

0 ≤ 1.55

References

NVD ↗ CVE.org ↗ EPSS Data ↗

cert.pl: https://cert.pl/en/posts/2026/06/CVE-2026-40543 soplanning.org: https://www.soplanning.org/en/

Credits

Łukasz Jaworski