SQL Injection Vulnerability in Guardian Language-System (CVE-2026-34105)

SQL Injection Vulnerability in Guardian Language-System (CVE-2026-34105)

First seen 2 Jul 2026, 14:42 UTC Feedlynvd.nist.govcve.reportvulners.com 87% similarity 57.8
Share:

Article Content

Browse articles
ThreatCluster

CVE-2026-34105 describes a critical SQL injection vulnerability in the Guardian language-system, specifically in the translate_text.php file. This flaw allows authenticated attackers to exploit the unsanitized 'id' GET parameter to execute error-based SQL injection attacks. Such attacks can lead to unauthorized data extraction, modification of database contents, or command execution depending on database permissions. As of now, there is no public proof-of-concept or evidence of active exploitation. The vulnerability was published on July 1, 2026, and security advisories recommend updating the system and implementing parameterized queries. The CVSS score for this vulnerability is 4.0, indicating a high severity level. Organizations using the Guardian language-system are advised to take immediate action to mitigate risks.

Key Points: • CVE-2026-34105 is an SQL injection vulnerability in the Guardian language-system. • Authenticated attackers can exploit this flaw to extract sensitive database information. • No evidence of active exploitation or public proof-of-concept exists as of now.

ThreatCluster AI

Timeline

2026-07-01
CVE-2026-34105 published
The vulnerability was officially published, detailing the SQL injection flaw in the Guardian language-system.
Feedly
2026-07-02
NVD entry created
The National Vulnerability Database added CVE-2026-34105, confirming the SQL injection risk.
nvd.nist.gov
2026-07-02
CVE-2026-34105 reported by cve.report
CVE-2026-34105 was also reported by cve.report, reiterating the SQL injection details.
cve.report

Community

Browse all →