Unrated severityNVD Advisory· Published Aug 12, 2025· Updated Feb 26, 2026
CVE-2025-8296
CVE-2025-8296
Description
SQL injection in Ivanti Avalanche before version 6.4.8.8008 allows a remote authenticated attacker with admin privileges to execute arbitrary SQL queries. In certain conditions, this can also lead to remote code execution
Affected products
2Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.