216.73.217.22

CVE-2026-5785

· Published 16/04/2026 14:16 · Modified 17/04/2026 15:17

Labels: CVE-2026-5785 0fc0942c-577d-436f-ae8e-945763c79b022026-04-16CVE-2026-5785CWE-89

Essential information

Published
16/04/2026 14:16
Modified
17/04/2026 15:17
Author
Creator
CVSS
8.1 HIGH (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CVSS metrics

Description

Zohocorp ManageEngine PAM360 versions before 8531 and ManageEngine Password Manager Pro versions from 8600 to 13230 are vulnerable to Authenticated SQL injection in the query report module.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
0fc0942c-577d-436f-ae8e-945763c79b02
NVD
View on NVD

Affected products (CPE)

ProductCPE
zohocorp / manageengine pam360 cpe:2.3:a:zohocorp:manageengine_pam360:<8531:*:*:*:*:*:*:*
zohocorp / manageengine password manager pro cpe:2.3:a:zohocorp:manageengine_password_manager_pro:8600-13230:*:*:*:*:*:*:*

References