Security Advisory

CVE-2026-3023

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-16 10:12:53

Last updated 2026-03-16 13:25:33

Assigner INCIBE

State PUBLISHED

Description

Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma web application, specifically in the endpoint vets.wakyma.com/pets/print-tags. This vulnerability could allow an authenticated user to alter a POST request to the affected endpoint for the purpose of injecting NoSQL commands, allowing them to list both pets and owner names.

← Browse all CVEs View on cve.org ↗