Vendor
CVE-2026-8297 is a critical SQL injection vulnerability in Gis Informatics Engineering Consulting Laboratory R&D and Software Services Inc.'s GisLab Laboratory Management System, affecting versions 1.4.03 through 08072026, which allows unauthenticated remote attackers to execute arbitrary SQL commands and achieve high impact on confidentiality, integrity, and availability of sensitive data.