CVE Catalog
CVE-2026-56034
CriticalCVSS 9.3Exploitation Probability (EPSS)
Low risk0.29%
21th percentile — higher than 21% of all known CVEs
Summary
An unauthenticated SQL Injection vulnerability exists in Library Management System versions 3.5.7 and earlier. An attacker can remotely execute arbitrary SQL queries, leading to unauthorized database access.
Risk Assessment
The risk includes theft, modification, or deletion of library data, including user and book records. It may also allow system takeover through privilege escalation.
Recommendation
Immediately upgrade the system to a version newer than 3.5.7 that contains the fix. In the meantime, restrict access to the system to trusted networks only.
Original NVD description (English source)
Unauthenticated SQL Injection in Library Management System <= 3.5.7 versions.

