Tag
CVE-2026-33616 describes an unauthenticated blind SQL Injection vulnerability affecting an mb24api endpoint, which a remote attacker can exploit by injecting special elements into a SQL SELECT command, potentially leading to a total loss of confidentiality due to improper neutralization of special elements.