Product
A SQL injection vulnerability, identified as CVE-2026-15498, exists in the Login component of sergomanov SmartHomeAdatum, affecting versions up to commit cf495353d81b680675eb8d9aa14a318aa45ce12c. This flaw allows remote attackers to perform SQL injection by manipulating the 'Login' argument in the 'users.php' file.