CERT Polska has received a report about 2 vulnerabilities (CVE-2025-12462 and CVE-2025-14532) found in DobryCMS software.

CERT Polska has received reports about 8 vulnerabilities found in CGM CLININET and CGM NETRAAD software.

SQL Injection vulnerability (CVE-2025-15498) has been found in Pro3W CMS software.

CERT Polska has received a report about 3 vulnerabilities (from CVE-2026-24350 to CVE-2026-24352) found in PluXml CMS software.

Reflected XSS vulnerability (CVE-2026-1434) has been found in Omega-PSIR software.

SQL Injection vulnerability (CVE-2026-1198) has been found in Simple.ERP software.

Use of Hard-coded Credentials vulnerability (CVE-2025-13776) has been found in Finka-FK, Finka-KPR, Finka-Płace, Finka-Faktura, Finka-Magazyn, Finka-STW applications.

Missing Authentication for Critical Function vulnerability (CVE-2025-14577) has been found in in multiple Slican devices.

CERT Polska has received a report about 2 vulnerabilities (CVE-2026-23796 and CVE-2026-23797) found in Quick.Cart software.

Exposure of Private Personal Information to an Unauthorized Actor vulnerability (CVE-2025-11598) has been found in mObywatel application for iOS.