CVE-2026-27768 MEDIUM

CVE-2026-27768

Vendor Genetec Inc.

Product Genetec Security Center

Weakness CWE-89 · SQLi

Published May 25, 2026

Last update May 27, 2026

View on NVD All CVEs

CVSS base score

6.6/10

Attack vector Network

Attack complexity High

Privileges required High

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

SQL Injection affecting the Access Manager role.

Key dates

02Disclosure timeline

May 25, 2026 CVE published

May 27, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2026-27768 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/89.html

Related vulnerabilities

04Related CVE

CVE-2025-11503 PHPGurukul Beauty Parlour Management System manage-services.php sql injection CVE-2013-10033 Kimai 0.9.2 db_restore.php SQL Injection CVE-2025-26609 SQL Injection endpoint 'familiar_docfamiliar.php' parameter 'id_dependente', 'id_doc' in WeGIA CVE-2024-7273 itsourcecode Alton Management System search.php sql injection CVE-2023-2413 SourceCodester AC Repair and Services System manage_booking.php sql injection

Identifiers

CVE CVE-2026-27768

CWE CWE-89

CVSS 6.6 / MEDIUM

Affected versions

Vendor Genetec Inc.

Product Genetec Security Center

Affected <=5.9.5.11

Vendor Genetec Inc.

Product Genetec Security Center

Affected <=5.10.4.31

Vendor Genetec Inc.

Product Genetec Security Center

Affected <=5.11.3.28

Vendor Genetec Inc.

Product Genetec Security Center

Affected >=5.12.0.0 <5.12.2.17

Vendor Genetec Inc.

Product Genetec Security Center

Affected >=5.13.0.0 <5.13.3.5