{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-10T14:19:16.825","vulnerabilities":[{"cve":{"id":"CVE-2026-4317","sourceIdentifier":"cve-coordination@incibe.es","published":"2026-03-31T10:16:19.153","lastModified":"2026-04-01T14:24:02.583","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"SQL injection (SQLi) vulnerability in Umami Software web application through an improperly sanitized parameter, which could allow an authenticated attacker to execute arbitrary SQL commands in the database. Specifically, they could manipulate the value of the 'timezone' request parameter by including malicious characters and SQL payload. The application would interpolate these values directly into the SQL query without first performing proper filtering or sanitization (e.g., using functions such as 'prisma.rawQuery', 'prisma.$queryRawUnsafe' or raw queries with 'ClickHouse'). The successful exploitation of this vulnerability could allow an authenticated attacker to compromise the data of the database and execute dangerous functions."},{"lang":"es","value":"Vulnerabilidad de inyección SQL (SQLi) en la aplicación web de Umami Software a través de un parámetro incorrectamente saneado, lo que podría permitir a un atacante autenticado ejecutar comandos SQL arbitrarios en la base de datos. Específicamente, podrían manipular el valor del parámetro de solicitud 'timezone' incluyendo caracteres maliciosos y una carga útil SQL. La aplicación interpolaría estos valores directamente en la consulta SQL sin realizar primero un filtrado o saneamiento adecuado (por ejemplo, utilizando funciones como 'prisma.rawQuery', 'prisma.$queryRawUnsafe' o consultas sin procesar con 'ClickHouse'). La explotación exitosa de esta vulnerabilidad podría permitir a un atacante autenticado comprometer los datos de la base de datos y ejecutar funciones peligrosas."}],"metrics":{"cvssMetricV40":[{"source":"cve-coordination@incibe.es","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"HIGH","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}]},"weaknesses":[{"source":"cve-coordination@incibe.es","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://www.incibe.es/en/incibe-cert/notices/aviso/sql-inyection-umami-software-application","source":"cve-coordination@incibe.es"}]}}]}