Vulnerability in Wakyma Application Web

CVE-2026-3023

Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma web application, specifically in the endpoint 'vets.wakyma.com/pets/print-tags'. This vulnerability could allow an authenticated user to alter a POST request to the affected…

EPSS: 0.000 (14.3th percentile) — read the EPSS interpretation.

Affected products

Wakyma Application Web — versions all versions

Weakness classification (CWE)

CWE-943 — Improper Neutralization of Special Elements in Data Query Logic

References

www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-wakyma-appl… (patch)