VYPR
Unrated severityNVD Advisory· Published Mar 16, 2026· Updated Mar 16, 2026

Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma application web

CVE-2026-3021

Description

Non-relational SQL injection vulnerability (NoSQLi) in the Wakyma web application, specifically in the endpoint 'vets.wakyma.com/centro/equipo/empleado'. This vulnerability could allow an authenticated user to alter a GET request to the affected endpoint for the purpose of injecting special NoSQL commands. This would lead to the enumeration of sensitive employee data.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Wakyma/Wakymallm-fuzzy
  • Wakyma/Wakyma application webv5
    Range: all versions

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.