LOW
Bahmni
CVE published 2026-07-12
CVE-2026-15477
CVE-2026-15477 is a SQL injection vulnerability in the Bahmni bahmnicore component. The vulnerability affects versions up to 0.93 and can be exploited remotely. The issue is due to improper handling of user input in the /openmrs/ws/rest/v1/bahmnicore/sql endpoint. Upgrading to version 0.93.1, 1.0.1, 1.1.1, 1.2.1, 1.3.1, or 2.0.1 mitigates this issue. This vulnerability has a CVSS score of 2.1 and is consi [truncated]