CVE lookup
CVE-2026-25544
Pruva has a verified reproduction for CVE-2026-25544: Payload CMS: Blind SQL Injection in JSON/RichText Queries via Drizzle Adapters. The canonical evidence record is REPRO-2026-00092.
REPRO
REPRO-2026-00092
Package
@payloadcms/drizzle · npm
Severity
CRITICAL
Status
published