Vendor
A SQL Injection vulnerability (CVE-2026-15804) in MetaGuru's HCM software allows authenticated remote attackers to inject SQL commands via specific parameters, compromising database confidentiality, integrity, and availability.