CVE-2026-33504 | ory hydra up to 26.1.x Admin API sql injection

Inserito da Angelo Barbosa | Mar 26, 2026 | CVE

A vulnerability was found in ory hydra up to 26.1.x. It has been classified as critical. The impacted element is an unknown function of the component Admin API. This manipulation causes sql injection.

This vulnerability is handled as CVE-2026-33504. The attack can be initiated remotely. There is not any exploit available.

Upgrading the affected component is recommended.

CVE-2026-33504 | ory hydra up to 26.1.x Admin API sql injection

Post correlati

CVE-2025-11165 | dotCMS 24.12/25.07 Velocity Scripting Engine sql injection

CVE-2024-47972 | Solidigm D7-P5510/D5-P5316/D7-P5520/D7-P5620 resource consumption

CVE-2024-1279 | Paid Memberships Pro Plugin up to 2.12.8 on WordPress Metadata information disclosure

CVE-2023-52059 | Gestsup 3.2.46 Description cross site scripting