Skip to main content

Sem Pmp

1 CVEs product

Monthly

CVE-2026-5801 CRITICAL Act Now

SQL injection in Semtek SEM-PMP through build 23042026 allows remote attackers to inject arbitrary SQL and, per the vendor description, escalate to operating-system command execution through the database layer. The flaw carries a critical CVSS 9.8 (AV:N/AC:L/PR:N/UI:N) rating and is reachable over the network without authentication or user interaction. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV, but the combination of unauthenticated network reach and command-execution impact makes it a high-priority patching target.

SQLi Sem Pmp
NVD
CVSS 3.1
9.8
EPSS
0.4%
EPSS 0% CVSS 9.8
CRITICAL Act Now

SQL injection in Semtek SEM-PMP through build 23042026 allows remote attackers to inject arbitrary SQL and, per the vendor description, escalate to operating-system command execution through the database layer. The flaw carries a critical CVSS 9.8 (AV:N/AC:L/PR:N/UI:N) rating and is reachable over the network without authentication or user interaction. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV, but the combination of unauthenticated network reach and command-execution impact makes it a high-priority patching target.

SQLi Sem Pmp
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy