What is CVE-2026-32813?

CVE-2026-32813 is a high-severity vulnerability in Admidio, classified under SQL Injection. CVSS score: 8.0/10. Published 2026-03-20.

How severe is CVE-2026-32813?

High severity. CVSS v3 base score is 8.0 out of 10.

SQL Injection in Admidio

CVE-2026-32813

Admidio is an open-source user management solution. Versions 5.0.6 and below are vulnerable to arbitrary SQL Injection through the MyList configuration feature. The MyList configuration feature lets authenticated users define custom list c…

Vulnerability class: SQL Injection

EPSS: 0.000 (12.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.0 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H.

Affected products

Admidio — versions < 5.0.7

Weakness classification (CWE)

CWE-89 — SQL Injection

References

https://github.com/Admidio/admidio/security/advisories/GHSA-3x67-4c2c-w45m (x_refsource_CONFIRM)
https://github.com/Admidio/admidio/commit/3473bf5a7aa1bfc5043e73979719396276f4189f (x_refsource_MISC)

Frequently asked questions

What is CVE-2026-32813?: CVE-2026-32813 is a high-severity vulnerability in Admidio, classified under SQL Injection. CVSS score: 8.0/10. Published 2026-03-20.
How severe is CVE-2026-32813?: High severity. CVSS v3 base score is 8.0 out of 10.