CVE-2026-31952 - Xibo CMS API has SQL Injection via DataSet Filter Parameter
CVE ID :CVE-2026-31952 Published : April 24, 2026, 12:16 a.m. | 1 hour, 35 minutes ago Description :Xibo is an open source digital signage platform with a web content management system and Windows display player software. Versions 1.7 through 4.4.0 have an SQL injection vulnerability in the AP
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Fixing the Exploit Didn’t Fix the System: An Exploration of Trust Boundaries
- [CYBER] The Mythos "breach" breakdown — no zero-day needed, just a supply chain failure and a leaked URL convention. Here's the full attack chain.
- [CYBER] Hack The Box - Snapped Writeup
- [CYBER] Aave Leads DeFi United to Restore rsETH Backing After KelpDAO Exploit - Cryptonews.net
- [CYBER] Fake app drains Filipino retiree’s life savings via ‘malware-as-a-service’
- [CYBER] I Built a Security Scanner That Audits PDFs Before You Send Them. Here's How. [Devlog #10]