SQL Injection in Raytha
CVE-2026-12076
Raytha CMS is vulnerable to SQL Injection within the OData filter parsing pipeline. The vulnerability allows a remote, unauthenticated attacker to execute arbitrary SQL statements against the underlying PostgreSQL database, leading to f…
Vulnerability class: SQL Injection
EPSS: 0.004 (34.5th percentile) — read the EPSS interpretation.
Affected products
- Raytha — versions 1.5.2
Weakness classification (CWE)
References
- cvd@cert.pl
- cvd@cert.pl (product)