{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-10T19:41:48.893","vulnerabilities":[{"cve":{"id":"CVE-2025-10350","sourceIdentifier":"cvd@cert.pl","published":"2026-03-02T12:15:59.547","lastModified":"2026-04-27T19:12:50.753","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"SQL Injection vulnerability in \"imageserver\" module when processing C-FIND queries in CGM NETRAAD software allows attacker connected to PACS gaining access to database, including data processed by GCM CLININET software.This issue affects CGM NETRAAD with imageserver module in versions before 7.9.0."},{"lang":"es","value":"Vulnerabilidad de inyección SQL en el módulo 'imageserver' al procesar consultas C-FIND en el software CGM NETRAAD permite al atacante conectado a PACS obtener acceso a la base de datos, incluyendo datos procesados por el software GCM CLININET. Este problema afecta a CGM NETRAAD con el módulo imageserver en versiones anteriores a la 7.9.0."}],"metrics":{"cvssMetricV40":[{"source":"cvd@cert.pl","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"LOW","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}]},"weaknesses":[{"source":"cvd@cert.pl","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://cert.pl/en/posts/2026/03/CVE-2025-10350/","source":"cvd@cert.pl"},{"url":"https://www.cgm.com/pol_pl/products/szpital/cgm-netraad.html","source":"cvd@cert.pl"}]}}]}