CVE-2026-1367 | Zoho ManageEngine ADSelfService Plus up to 6522 Search Report sql injection

Inserito da Angelo Barbosa | Feb 23, 2026 | CVE

A vulnerability was found in Zoho ManageEngine ADSelfService Plus up to 6522 and classified as critical. This vulnerability affects unknown code of the component Search Report. Such manipulation leads to sql injection.

This vulnerability is uniquely identified as CVE-2026-1367. The attack can be launched remotely. No exploit exists.

It is suggested to upgrade the affected component.

CVE-2026-1367 | Zoho ManageEngine ADSelfService Plus up to 6522 Search Report sql injection

Post correlati

CVE-2024-35820 | Linux Kernel up to 6.7.11/6.8.2 io_uring __io_queue_proc Privilege Escalation (51a490a7f63c/0ecb8919469e/1a8ec63b2b6c)

CVE-2025-31961 | HCL Connections 8.0 insufficient granularity of access control (KB0123268)

CVE-2024-34623 | Samsung Notes 2.0.02.31/4.2.00.22/4.2.04.27/4.3.14.39/4.4.15 out-of-bounds write

CVE-2025-64456 | JetBrains ReSharper 2019.2 DPA Collector signature verification