PT-2026-7327 · Worklenz · Worklenz

Prav33N-Sec · Published 2026-02-10 · Updated 2026-02-10 · CVE-2026-25947

CVSS v3.1: 8.8 High

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Worklenz versions prior to 2.1.7

Description

Worklenz, a project management tool, contains multiple SQL injection flaws in its backend SQL query construction. These flaws affect project and task management controllers, reporting and financial data endpoints, real-time socket.io handlers, and resource allocation and scheduling features. The issue allows for potential unauthorized access and manipulation of data through crafted SQL queries.

Recommendations

Update to version 2.1.7 or later.

Exploit

Fix

SQL injection

Weakness Enumeration

Related Identifiers

CVE-2026-25947
GHSA-F2F8-2PPJ-85PF

Affected Products

Worklenz