CVE-2026-30711

Devome GRR v4.5.0 was discovered to contain multiple authenticated SQL injection vulnerabilities in the include/session.inc.php file via the referer and user-agent.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
References
https://breakpoint.purrfect.fr/article/grr_audit.html
https://breakpoint.purrfect.fr/article/grr_audit.html#v4-sql-injection-in-session-inc-php-1