Loading market data...
← Back to CVE feed

CVE-2026-50890

UNKNOWN View on NVD ↗

Description

Bernd Bestel grocy v4.6.0 was discovered to contain a SQL injection vulnerability in the product-group parameter at /stockreports/spendings. This vulnerability allows attackers to access sensitive database information via a crafted SQL statement.

Published: Jun 15, 2026 20:16 UTC Modified: Jun 16, 2026 15:49 UTC