VYPR

Alerta

by Alerta Project

Source repositories

CVEs (1)

  • CVE-2026-34400CriMar 31, 2026
    risk 0.57cvss 9.8epss 0.01

    Alerta is a monitoring tool. Prior to version 9.1.0, the Query string search API (q=) was vulnerable to SQL injection via the Postgres query parser, which built WHERE clauses by interpolating user-supplied search terms directly into SQL strings via f-strings. This issue has been…