Security Advisory

CVE-2026-34400

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-31 21:00:59

Last updated 2026-04-03 16:36:42

Assigner GitHub_M

State PUBLISHED

Description

Alerta is a monitoring tool. Prior to version 9.1.0, the Query string search API (q=) was vulnerable to SQL injection via the Postgres query parser, which built WHERE clauses by interpolating user-supplied search terms directly into SQL strings via f-strings. This issue has been patched in version 9.1.0.

← Browse all CVEs View on cve.org ↗