Ghostwire

CVE-2026-38158: A SQL injection vulnerability in the /ureport/datasource/previewData component of ureport v2.2.9 allows attackers to...

CRITICAL CVSS 0.0

Published: July 16, 2026 | Last Modified: July 16, 2026

Description

A SQL injection vulnerability in the /ureport/datasource/previewData component of ureport v2.2.9 allows attackers to access sensitive database information via crafted SQL statements.

Ghostwire Analysis — What This Means Practically

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

References