CVE-2026-57821 - Apache Fineract: Office list: SQL Injection via Subquery in orderBy
CVE ID :CVE-2026-57821 Published : July 15, 2026, 10:16 a.m. | 4 hours, 17 minutes ago Description :A SQL Injection vulnerability exists in Apache Fineract's Office Search API (GET /api/v1/offices) in versions up to and including 1.14.0. The orderBy request parameter is concatenated into a...