CVE advisoryCRITICAL
CVE-2025-56385
WellSky Harmony SQL Injection Vulnerability
Halo Surface Signal: 5 out of 5 — more likely to be public-facing.
A SQL injection flaw exists in WellSky Harmony's login feature that allows unauthenticated attackers to bypass authentication. This could lead to sensitive data exposure or system compromise. As the login function is internet-reachable, it presents a significant risk. WellSky Harmony is the affected technology. The pot