CVE-2026-40546

NONE

—CVSS v3

—CVSS v2

0.03% EPSS (exploit probability)

CWE-89CWE

Description

SOPlanning is vulnerable to SQL Injection across multiple endpoints and parameters. Attacker with low privileges can inject arbitrary SQL commands, potentially gaining full control over the database.

This issue affects SOPlanning version 1.55 and below.

Affected routers (0)

No routers currently mapped to this CVE in our database.

External references

NIST NVD
MITRE CVE