HIGH SeverityCVSS 4.07.6CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/S:N/AU:N/R:U/V:C/RE:L/U:Amber

CVE-2026-34187

Last updated May 12, 2026 · Published May 12, 2026

Description

Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via graph container parameter. This issue affects Pandora FMS: from 777 through 800

Affected products

1 listed

Pandora FMS:Pandora FMS

Mappings

CWE

CWE-89

CAPEC

CAPEC-66

Research

SQL InjectionCovers how unsafe query construction enables data theft and database compromise. Provides parameterization and…

Guides

SQL Injection Prevention with PrismaSafe patterns for raw queries and dynamic filters.

Training

Injection TodaySQL, NoSQL, ORM, and LLM injection - what's changed and what hasn't.

CVE-2026-34187

Description

Affected products

Mappings

Related