CVE-2026-34747 in payloadcms payloadinfo

Summary

Payload is a free and open source headless content management system. Prior to version 3.79.1, certain request inputs were not properly validated. An attacker could craft requests that influence SQL query execution, potentially exposing or modifying data in collections. This issue has been patched in version 3.79.1.

Responsible

GitHub_M

Reservation

03/30/2026

Disclosure

04/01/2026

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
354762payloadcms payload sql injection89Not definedOfficial fixCVE-2026-34747

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

PreviousOverviewNext

Might our Artificial Intelligence support you?

Check our Alexa App!