What is CVE-2026-37749?

CVE-2026-37749 is a vulnerability in N/a. Published 2026-04-17.

Is CVE-2026-37749 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2026-37749

A SQL injection vulnerability in CodeAstro Simple Attendance Management System v1.0 allows remote unauthenticated attackers to bypass authentication via the username parameter in index.php.

EPSS: 0.001 (22.7th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

menevarad007/CVE-2026-37749

References

codeastro.com/simple-attendance-management-system-in-php-with-source-code/
github.com/menevarad007/CVE-2026-37749

Frequently asked questions

What is CVE-2026-37749?: CVE-2026-37749 is a vulnerability in N/a. Published 2026-04-17.
Is CVE-2026-37749 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.