CVE-2026-9784

Name of the Vulnerable Software and Affected Versions Quest NetVault Backup (affected versions not specified)

Description A flaw in the processing of NVBULibraryPort JSON-RPC messages allows remote attackers to execute arbitrary code in the context of NETWORK SERVICE. The issue stems from improper validation of a user-supplied string used to construct SQL queries, leading to SQL injection. Although authentication is typically required, the authentication mechanism can be bypassed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.