CVE-2026-40529

MEDIUM CVSS 4.7 View on NVD ↗

Description

CMS ALAYA provided by KANATA Limited contains an SQL injection vulnerability. Information stored in the database may be obtained or altered by an attacker with access to the administrative interface.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

References

https://jvn.jp/en/jp/JVN08026319/

Published: Apr 23, 2026 05:16 UTC Modified: Apr 23, 2026 16:23 UTC