CVE-2026-56287 | Apache Fineract up to 1.14.0 Client Search API /api/v1/clients orderBy/sortOrder sql injection (EUVD-2026-44603)
A vulnerability, which was classified as critical, was found in Apache Fineract up to 1.14.0. This vulnerability affects unknown code of the file /api/v1/clients of the component Client Search API. The manipulation of the argument orderBy/sortOrder results in sql injection.
This vulnerability is identified as CVE-2026-56287. The attack can be executed remotely. There is not any exploit available.