🔐 CVE Alert

CVE-2026-50644

UNKNOWN 0.0

SQL Injection in SOPlanning Audit Retention Configuration

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

SOPlanning is vulnerable to SQL injection in the audit retention configuration. An attacker holding parameters_all rights can inject SQL commands into the audit configuration form which is then saved. The execution is triggered when the audit functionality is accessed (by the attacker or another user). This issue was fixed in version 1.56.01.

CWE CWE-89
Vendor soplanning
Product soplanning
Published Jul 9, 2026
Last Updated Jul 9, 2026
Stay Ahead of the Next One

Get instant alerts for soplanning soplanning

Be the first to know when new unknown vulnerabilities affecting soplanning soplanning are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

SOPlanning / SOPlanning
0 < 1.56.01

References

NVD ↗ CVE.org ↗ EPSS Data ↗
cert.pl: https://cert.pl/en/posts/2026/07/CVE-2026-50644 soplanning.org: https://www.soplanning.org/en/

Credits

Arkadiusz Marta