CVE-2026-1367
published 2026-02-23

CVE-2026-1367: Zohocorp ManageEngine ADSelfService Plus versions 6522 and below are vulnerable to authenticated SQL Injection in the search report option.

Priority: P260 · high · 8.3 (CVSS 3.1)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
EPSS: 7.87% (94.0th percentile)

Affected (1 range)

Vendor | Product | Version range | Fixed in
zohocorp | manageengine_adselfservice_plus | < 6523 | 6523

Detection & IOCs (extracted from sources)

  • Vulnerability is an authenticated SQL Injection in the search report option of ManageEngine ADSelfService Plus — monitor HTTP requests to the search report endpoint for SQL metacharacters or injection payloads from authenticated sessions.
  • Exploitation requires authentication; attack surface is limited to authenticated users but the CVSS score is HIGH (8.3), indicating significant post-auth impact. Patch to version 6523 or above (fix added Feb 24, 2026).