A vulnerability classified as critical was found in Osnexus QuantaStor up to 6.6.0 . This vulnerability affects unknown code of the component Login Endpoint . The manipulation of the argument Username results in sql injection. This vulnerability is reported as CVE-2026-10880 . The attack can be launched remotely. No exploit exists. Upgrading the affected component is advised.