VYPR

readarr

by readarr

CVEs (1)

  • CVE-2025-50983HigAug 27, 2025
    risk 0.54cvss 8.3epss 0.00

    SQL Injection vulnerability exists in the sortKey parameter of the GET /api/v1/wanted/cutoff API endpoint in readarr 0.4.15.2787. The endpoint fails to properly sanitize user-supplied input, allowing attackers to inject and execute arbitrary SQL commands against the backend…