VYPR

grocy

by Bernd Bestel

CVEs (1)

  • CVE-2026-50890Jun 15, 2026
    Bernd Bestel
    grocy
    risk 0.00cvss epss

    Bernd Bestel grocy v4.6.0 was discovered to contain a SQL injection vulnerability in the product-group parameter at /stockreports/spendings. This vulnerability allows attackers to access sensitive database information via a crafted SQL statement.