ManageEngine security advisory—Important security fixes released for ManageEngine Password Manager Pro

ManageEngine security advisory—Important security fixes released for ManageEngine Password Manager Pro

Hi there,

This security advisory is to let you know that an authenticated SQL Injection vulnerability was identified in Password Manager Pro, The vulnerability has been addressed, and the issue does not exist in the fixed version.

 

CVE ID: CVE-2026-14828

 

Severity : High

 

Product Name

Affected Version(s)

Fixed Version(s)

Fixed On

Password Manager Pro

Till 13234

13235

July 7, 2026

 

(Please note that this vulnerability applies to only those who have installed or upgraded to the above mentioned version)

 

Impact:

The SQL injection vulnerability allows an adversary to craft a malicious query to execute unintended SQL operations on the database.

Steps to Upgrade:

  1. Download the latest upgrade pack from the following link

  1. Apply the latest build to your existing product installation as per the upgrade pack instructions provided in the above links.

 

Please contact the product support for further details at the below mentioned email addresses:


Password Manager Pro: passwordmanagerpro-support@manageengine.com


Thanks,

Dhamodhara Reddy

Head -Enterprise Support