CVE-2026-11561 | THREATINT

Description

Improper neutralization of special elements used in an expression language statement ('expression language injection') vulnerability in Soagen Informatics Technologies Software and Consulting Inc. Apinizer allows Code Injection. This issue affects Apinizer: from 2026.04.0 before 2026.04.6.

PUBLISHED Reserved 2026-06-08 | Published 2026-06-11 | Updated 2026-06-11 | Assigner TR-CERT

MEDIUM: 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Problem types

CWE-917 Improper neutralization of special elements used in an expression language statement ('expression language injection')

Product status

Default status

unaffected

2026.04.0 (custom) before 2026.04.6

affected

Credits

Alperen KESKİN finder

References

siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0365 government-resource

cve.org (CVE-2026-11561)

nvd.nist.gov (CVE-2026-11561)

Download JSON