SQL Injection Vulnerability in Delinea Inc. Cloud Suite and Privileged Access Service
CVE-2025-12812

5.3MEDIUM

Key Information:

Vendor: Delinea Inc.
Status: Cloud Suite And Privileged Access Service
Vendor: CVE Published:; 18 February 2026

🔔 Create Delinea Inc. Vulnerability Alert

What is CVE-2025-12812?

An SQL injection vulnerability exists in Delinea Inc.'s Cloud Suite and Privileged Access Service. This flaw arises from improper neutralization of special elements used in SQL commands, allowing attackers to execute arbitrary SQL queries. Exploiting this vulnerability could enable unauthorized access to sensitive information, compromising the integrity and confidentiality of the data managed by these services. Delinea has addressed this issue in version 25.1 of Cloud Suite. It is crucial for users of the affected products to upgrade to the latest version to mitigate this risk.

Affected Version(s)

Cloud Suite and Privileged Access Service 23.1.2 and earlier

Cloud Suite and Privileged Access Service 25.1 and above

References

https://trust.delinea.com/?tcuUid=9681f2f0-f9b2-4c7a-abc6...

https://docs.delinea.com/online-help/cloud-suite/release-...

CVSS V4

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 18, 2026
Vulnerability Reserved
Nov 6, 2025

Credit

Dawid Dudek

CVE-2025-12812 Data

JSON