SQLi in SolarWinds Obs. Self-Hosted via lowpriv auth
CVE-2025-26392 Published on October 21, 2025

SolarWinds Observability Self-Hosted SQL Injection Vulnerability
SolarWinds Observability Self-Hosted is susceptible to SQL injection vulnerability that may display sensitive data using a low-level account. This vulnerability requires authentication from a low-privilege account.

NVD

Vulnerability Analysis

Attack Vector:

ADJACENT_NETWORK

Attack Complexity:

LOW

Privileges Required:

LOW

User Interaction:

NONE

Scope:

CHANGED

Confidentiality Impact:

LOW

Integrity Impact:

LOW

Availability Impact:

NONE

Weakness Type

What is a SQL Injection Vulnerability?

The software constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.

CVE-2025-26392 has been classified to as a SQL Injection vulnerability or weakness.

Products Associated with CVE-2025-26392

Want to know whenever a new CVE is published for SolarWinds Observability Self Hosted? stack.watch will email you.

SolarWinds Observability Self Hosted

Affected Versions

SolarWinds Observability Self-Hosted Version 2025.2.1 and below is affected by CVE-2025-26392

Exploit Probability

EPSS

0.13%

Percentile

32.79%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.