sql injection Archives • Page 2 of 6 • Daily CyberSecurity

Mitel Patches Critical SQL Injection and Privilege Escalation in MiCollab Mitel MiCollab SQL Injection MiCollab software - CVE-2024-47223 & CVE-2024-41713

Mitel MiCollab SQL Injection MiCollab software - CVE-2024-47223 & CVE-2024-41713

Mitel Patches Critical SQL Injection and Privilege Escalation in MiCollab

Do Son April 9, 2026

Mitel has issued an urgent security advisory for its MiCollab platform, warning of two distinct vulnerabilities that,...

SonicWall Issues Critical Patch for SMA 1000 Series to Stop SQL Injection and MFA Bypasses SonicWall SMA 1000 MFA Bypass SonicWall SSLVPN Flaw CVE-2025-40601 SonicOS vulnerability - CVE-2024-53704

SonicWall SMA 1000 MFA Bypass SonicWall SSLVPN Flaw CVE-2025-40601 SonicOS vulnerability - CVE-2024-53704

SonicWall Issues Critical Patch for SMA 1000 Series to Stop SQL Injection and MFA Bypasses

Do Son April 9, 2026

SonicWall has released a series of patches for its SMA 1000 series appliances to address four distinct...

10.0 CVSS Flaw in Kestra Grants Full Server Control Kestra RCE SQL Injection Vulnerability

10.0 CVSS Flaw in Kestra Grants Full Server Control

Do Son April 7, 2026

A critical security vulnerability has been unmasked in Kestra, the popular open-source, event-driven orchestration platform. The flaw,...

Critical RCE and SQLi Flaws Shatter mbCONNECT24 Industrial Security mbCONNECT24 Vulnerabilities Industrial RCE

Critical RCE and SQLi Flaws Shatter mbCONNECT24 Industrial Security

Do Son April 6, 2026

In a significant alert for the industrial automation sector, CERT@VDE has disclosed a series of high-severity vulnerabilities...

2 Million Monthly Users at Risk: Critical 9.3 CVSS SQL Injection Hits MikroORM in “Duck-Typed” Disaster MikroORM SQL Injection CVE-2026-34220

2 Million Monthly Users at Risk: Critical 9.3 CVSS SQL Injection Hits MikroORM in “Duck-Typed” Disaster

Do Son April 1, 2026

A critical vulnerability has been identified in MikroORM, a widely used TypeScript Object-Relational Mapper (ORM) for Node.js....

Zabbix API Vulnerability: High-Severity SQL Injection Threatens Network Monitoring Security Zabbix XSS Vulnerabilities CVE-2026-23926 zabbix - CVE-2024-22116 Zabbix SQL Injection CVE-2026-23921

Zabbix XSS Vulnerabilities CVE-2026-23926 zabbix - CVE-2024-22116 Zabbix SQL Injection CVE-2026-23921

Zabbix API Vulnerability: High-Severity SQL Injection Threatens Network Monitoring Security

Do Son March 26, 2026

A high-severity security vulnerability has been identified in the Zabbix API, a popular open-source monitoring solution used...

Streaming Nightmare: Unpatched CVSS 10.0 Flaws Leave AVideo Servers Wide Open AVideo RCE YPTSocket Vulnerability AVideo Vulnerabilities Streaming Platform Security AVideo Vulnerabilities CVE-2026-28501

AVideo RCE YPTSocket Vulnerability AVideo Vulnerabilities Streaming Platform Security AVideo Vulnerabilities CVE-2026-28501

Streaming Nightmare: Unpatched CVSS 10.0 Flaws Leave AVideo Servers Wide Open

Do Son March 25, 2026

AVideo, a popular streaming platform used by creators and businesses to manage and monetize video content, is...

Bridge or Backdoor? Critical 9.8 RCE Flaw Threatens Helmholz Industrial Networks Helmholz myREX24V2 Industrial RCE

Bridge or Backdoor? Critical 9.8 RCE Flaw Threatens Helmholz Industrial Networks

Do Son March 24, 2026

Industrial connectivity specialist Helmholz GmbH & Co. KG has issued an urgent security advisory regarding multiple vulnerabilities...

Critical Spring AI Flaws Expose Databases to SQL and JSONPath Injection Spring AI Vulnerability Remote Code Execution (RCE) Spring AI Vulnerability CVE-2026-22730

Spring AI Vulnerability Remote Code Execution (RCE) Spring AI Vulnerability CVE-2026-22730

Critical Spring AI Flaws Expose Databases to SQL and JSONPath Injection

Do Son March 17, 2026

Security researchers have issued a dual-threat alert for developers utilizing the Spring AI framework, a popular tool...

Publicly Disclosed: Bishop Fox Reveals Critical Pre-Auth SQL Injection in FortiClient EMS FortiSandbox Vulnerability Unauthenticated RCE FortiClient EMS Vulnerability CVE-2026-21643 FortiClient EMS Vulnerability CVE-2026-21643 CVE-2023-34992 - CVE-2023-37936 Fortinet Vulnerabilities CVE-2025-64155

FortiSandbox Vulnerability Unauthenticated RCE FortiClient EMS Vulnerability CVE-2026-21643 FortiClient EMS Vulnerability CVE-2026-21643 CVE-2023-34992 - CVE-2023-37936 Fortinet Vulnerabilities CVE-2025-64155

Publicly Disclosed: Bishop Fox Reveals Critical Pre-Auth SQL Injection in FortiClient EMS

Do Son March 17, 2026

Cybersecurity researchers at Bishop Fox have released a technical deep-dive into a critical vulnerability affecting FortiClient EMS,...

Tenable Uncovers ‘LeakyLooker’ Flaws Turning Google Looker Studio into a Cloud Backdoor LeakyLooker Looker Studio Vulnerability

Tenable Uncovers ‘LeakyLooker’ Flaws Turning Google Looker Studio into a Cloud Backdoor

Do Son March 15, 2026

Business Intelligence (BI) tools are often viewed as “polished mirrors reflecting an organization’s data in beautiful, actionable...

High-Severity SQL Injection in Ally WordPress Plugin Threatens 400K Sites Ally Plugin Vulnerability SQL Injection

High-Severity SQL Injection in Ally WordPress Plugin Threatens 400K Sites

Do Son March 11, 2026

A high-severity SQL Injection vulnerability was found in Ally, a popular web accessibility and usability WordPress plugin....

Critical Vulnerabilities in AVideo: From SQL Injection to Remote Code Execution AVideo RCE YPTSocket Vulnerability AVideo Vulnerabilities Streaming Platform Security AVideo Vulnerabilities CVE-2026-28501

Critical Vulnerabilities in AVideo: From SQL Injection to Remote Code Execution

Do Son March 4, 2026

Security researchers have identified two severe vulnerabilities in AVideo, a popular open-source video streaming platform used by...

Major Security Overhaul for Apache Superset: Five Vulnerabilities Patched CVE-2024-55633 Apache Superset Security CVE-2026-23984

Major Security Overhaul for Apache Superset: Five Vulnerabilities Patched

Do Son February 26, 2026

Apache Superset is a modern data exploration and data visualization platform. Superset can replace or augment proprietary...

Critical SQL Injection Vulnerability Found in ‘ormar’ Python Library Python asyncio Vulnerability Windows Buffer Overflow ormar SQL Injection CVE-2026-26198 CVE-2024-49768 - Waitress WSGI server

Python asyncio Vulnerability Windows Buffer Overflow ormar SQL Injection CVE-2026-26198 CVE-2024-49768 - Waitress WSGI server

Critical SQL Injection Vulnerability Found in ‘ormar’ Python Library

Do Son February 26, 2026

A major security flaw has been unearthed in ormar, a popular asynchronous mini Object-Relational Mapper (ORM) for...

CVE-2026-1603: Remote Unauthenticated Attacker Can Steal Ivanti EPM Secrets Ivanti EPM Vulnerability CVE-2026-1603 Ivanti EPM Critical XSS, Unauthenticated File Write CVE-2024-29847 & CVE-2024-8190 Ivanti ITSM, Authentication Bypass

Ivanti EPM Vulnerability CVE-2026-1603 Ivanti EPM Critical XSS, Unauthenticated File Write CVE-2024-29847 & CVE-2024-8190 Ivanti ITSM, Authentication Bypass

CVE-2026-1603: Remote Unauthenticated Attacker Can Steal Ivanti EPM Secrets

Do Son February 12, 2026

Ivanti has rolled out important security updates for its Endpoint Manager (EPM), addressing a pair of vulnerabilities...

CVE-2026-25993: Critical EverShop SQL Injection (CVSS 9.3) Exposes Stores EverShop Vulnerability Second-Order SQL Injection

CVE-2026-25993: Critical EverShop SQL Injection (CVSS 9.3) Exposes Stores

Do Son February 12, 2026

A critical vulnerability has been discovered in EverShop, a modern, developer-focused e-commerce platform built on React and...

CVE-2026-25544: Critical Payload CMS SQLi (CVSS 9.8) Exposes Admin Tokens Payload CMS Vulnerability CVE-2026-25544

CVE-2026-25544: Critical Payload CMS SQLi (CVSS 9.8) Exposes Admin Tokens

Do Son February 10, 2026

A massive security hole has been blown open in Payload, the popular “Next.js native CMS” designed to...

Endpoint Exposed: Critical FortiClient EMS Flaw (CVSS 9.1) Allows Unauthenticated RCE FortiSandbox Vulnerability Unauthenticated RCE FortiClient EMS Vulnerability CVE-2026-21643 FortiClient EMS Vulnerability CVE-2026-21643 CVE-2023-34992 - CVE-2023-37936 Fortinet Vulnerabilities CVE-2025-64155

Endpoint Exposed: Critical FortiClient EMS Flaw (CVSS 9.1) Allows Unauthenticated RCE

Do Son February 9, 2026

Fortinet has issued a high-priority security advisory for its FortiClient Enterprise Management Server (EMS), warning of a...

Urgent Django Update: Patches 3 Critical SQL Injections & DoS Risks Django Security Update CVE-2026-25673 Django Security Update SQL Injection Vulnerability Django SQL Injection, PostgreSQL Flaw CVE-2022-34265 PoC Django, SQL injection

Django Security Update CVE-2026-25673 Django Security Update SQL Injection Vulnerability Django SQL Injection, PostgreSQL Flaw CVE-2022-34265 PoC Django, SQL injection

Urgent Django Update: Patches 3 Critical SQL Injections & DoS Risks

Do Son February 4, 2026

The maintainers of the popular Python web framework Django have issued an urgent security release to squash...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

sql injection

Mitel Patches Critical SQL Injection and Privilege Escalation in MiCollab

SonicWall Issues Critical Patch for SMA 1000 Series to Stop SQL Injection and MFA Bypasses

10.0 CVSS Flaw in Kestra Grants Full Server Control

Critical RCE and SQLi Flaws Shatter mbCONNECT24 Industrial Security

2 Million Monthly Users at Risk: Critical 9.3 CVSS SQL Injection Hits MikroORM in “Duck-Typed” Disaster

Zabbix API Vulnerability: High-Severity SQL Injection Threatens Network Monitoring Security

Streaming Nightmare: Unpatched CVSS 10.0 Flaws Leave AVideo Servers Wide Open

Bridge or Backdoor? Critical 9.8 RCE Flaw Threatens Helmholz Industrial Networks

Critical Spring AI Flaws Expose Databases to SQL and JSONPath Injection

Publicly Disclosed: Bishop Fox Reveals Critical Pre-Auth SQL Injection in FortiClient EMS

High-Severity SQL Injection in Ally WordPress Plugin Threatens 400K Sites

Critical Vulnerabilities in AVideo: From SQL Injection to Remote Code Execution

Major Security Overhaul for Apache Superset: Five Vulnerabilities Patched

Critical SQL Injection Vulnerability Found in ‘ormar’ Python Library

CVE-2026-1603: Remote Unauthenticated Attacker Can Steal Ivanti EPM Secrets

CVE-2026-25993: Critical EverShop SQL Injection (CVSS 9.3) Exposes Stores

CVE-2026-25544: Critical Payload CMS SQLi (CVSS 9.8) Exposes Admin Tokens

Endpoint Exposed: Critical FortiClient EMS Flaw (CVSS 9.1) Allows Unauthenticated RCE

Urgent Django Update: Patches 3 Critical SQL Injections & DoS Risks