A vulnerability categorized as critical has been discovered in AcyMailing up to 10.11.0. This impacts an unknown function of the component AcyMailing. Such manipulation leads to sql injection.

This vulnerability is referenced as CVE-2026-56292. It is possible to launch the attack remotely. No exploit is available.