OSNexus QuantaStor SDS Manager is vulnerable to SQL injection in the login endpoint. The username field is not properly sanitized before being incorporated into a SQL query, allowing an unauthenticated remote attacker to bypass authentication and log in as an administrator without supplying a valid password.
OSNexus QuantaStor SDS
Vulnerability
CVE-2026-10880
NVD
Refer to CVE-2026-10880 NVD advisory