{
  "affected": [
    {
      "ranges": [
        {
          "database_specific": {
            "versions": [
              {
                "introduced": "2.4.0"
              },
              {
                "fixed": "5.0.0"
              }
            ]
          },
          "events": [
            {
              "introduced": "c668523c570519797e1e7f01958fe830378d253e"
            },
            {
              "fixed": "3b8a8c23c586dd7b7851844aae91a370e21ecf35"
            },
            {
              "fixed": "4b805f885b9f5a20126ec06f8b59dc448c4af33b"
            },
            {
              "fixed": "0a27de16c6e23b7d4b84d4d91fe59bea10877ad1"
            }
          ],
          "repo": "https://github.com/knadh/listmonk",
          "type": "GIT"
        }
      ]
    }
  ],
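  "details": "Listmonk v4.1.0 (fixed in v5.0.0) is vulnerable to SQL injection in the QuerySubscribers function, which allows attackers to escalate privileges. Note that the affected range recorded in this entry starts at 2.4.0 and ends at the 5.0.0 fix, so releases other than 4.1.0 inside that range should also be treated as affected until upgraded.",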
  "id": "CVE-2025-46011",
  "modified": "2026-03-15T13:45:36.815887077Z",
  "published": "2025-06-04T20:15:23.313Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/kevinroleke/security/tree/main/CVE-2025-46011"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/knadh/listmonk/releases/tag/v4.1.0"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/knadh/listmonk/releases/tag/v5.0.0"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/knadh/listmonk/issues/2412"
    },
    {
      "type": "FIX",
      "url": "https://github.com/knadh/listmonk/commit/4b805f885b9f5a20126ec06f8b59dc448c4af33b"
    }
  ],
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}