Security Advisory
CVE-2025-46011
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Listmonk v4.1.0 (fixed in v5.0.0) is vulnerable to SQL Injection in the QuerySubscribers function which allows attackers to escalate privileges.