CVE-2026-34187
CRITICAL WAF: High
CVSS 9.8
Published: 2026-05-12
CWE-89
Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via graph container parameter. This issue affects Pandora FMS: from 777 through 800
WAF Coverage Analysis
SQL Injection
High WAF Coverage
OWASP: A03:2021 Injection
942xxx - SQL Injection
Affected Software
| Vendor | Product | Version |
|---|---|---|
| artica | pandora_fms | up to 777.17 |
| artica | pandora_fms | 778 - 802 |
References
- pandorafms.com (Vendor Advisory)