Description

Worklenz is a project management tool. Prior to 2.1.7, there are multiple SQL injection vulnerabilities were discovered in backend SQL query construction affecting project and task management controllers, reporting and financial data endpoints, real-time socket.io handlers, and resource allocation and scheduling features. The vulnerability has been patched in version v2.1.7.

INFO

Published Date :

2026-02-10T17:32:56.224Z

Last Modified :

2026-02-10T19:26:19.859Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-25947 vulnerability.

Vendors Products
Worklenz
  • Worklenz
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-25947.

URL Resource
https://github.com/Worklenz/worklenz/commit/76e5cb0f5dd566fb65586cd3db30ee951c92a32b cve-icon cve-icon
https://github.com/Worklenz/worklenz/releases/tag/v2.1.7 cve-icon cve-icon
https://github.com/Worklenz/worklenz/security/advisories/GHSA-f2f8-2ppj-85pf cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact