Threats Tagged 'cve-2026-3956'
View all threats tagged with 'cve-2026-3956'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'cve-2026-3956'
Click on any threat for detailed analysis and mitigation recommendations
CVE-2026-3956: SQL Injection in xierongwkhd weimai-wetappCVE-2026-3956 0 CVE-2026-3956 is a medium-severity SQL injection vulnerability in the xierongwkhd weimai-wetapp product, specifically in the getAdmins function of the Admin_AdminUserController. java file. The vulnerability arises from improper sanitization of the 'keyword' argument, allowing remote attackers to manipulate SQL queries. Exploitation does not require user interaction but does require high privileges. The vulnerability affects a specific commit version, with no clear patched release due to the product's rolling release model. Although no known exploits are currently in the wild, a public exploit exists. This flaw can lead to partial compromise of confidentiality, integrity, and availability of the affected system. Organizations using this software should prioritize code review and input validation to mitigate risk. Countries with significant deployments of this product or similar Java-based web applications are at higher risk. The CVSS 4. Join the discussion | CVE Database V5 | 03/11/2026, 20:32:11 UTC Added: 03/11/2026, 20:44:50 UTC |
Showing 1 to 1 of 1 result