
Critical Cacti Vulnerabilities Expose Servers to Pre-Auth SQL Injection Attacks
The Cacti network monitoring framework has been hit with a wave of critical and high-severity security advisories, with multiple vulnerabilities including pre-authentication SQL injection and local file inclusion flaws disclosed in versions up to and including 1.2.30. The most severe flaw, CVE-2026-39893, affects the graph_view.php component, where the rfilter request variable was directly concatenated into […]
The post Critical Cacti Vulnerabilities Expose Servers to Pre-Auth SQL Injection Attacks appeared first on Cyber Security News.