472 matches found
CVE-2026-33468 Kysely has a MySQL SQL Injection via Insufficient Backslash Escaping in `sql.lit(string)` usage or similar methods that append string literal values into the compiled SQL strings
Kysely is a type-safe TypeScript SQL query builder. Prior to version 0.28.14, Kysely's DefaultQueryCompiler.sanitizeStringLiteral only escapes single quotes by doubling them ' → '' but does not escape backslashes. When used with the MySQL dialect where NOBACKSLASHESCAPES is OFF by default, an...
CVE-2026-33468 Kysely has a MySQL SQL Injection via Insufficient Backslash Escaping in `sql.lit(string)` usage or similar methods that append string literal values into the compiled SQL strings
Kysely is a type-safe TypeScript SQL query builder. Prior to version 0.28.14, Kysely's DefaultQueryCompiler.sanitizeStringLiteral only escapes single quotes by doubling them ' → '' but does not escape backslashes. When used with the MySQL dialect where NOBACKSLASHESCAPES is OFF by default, an...
CVE-2026-33468
Kysely is a type-safe TypeScript SQL query builder. Prior to version 0.28.14, Kysely's DefaultQueryCompiler.sanitizeStringLiteral only escapes single quotes by doubling them ' → '' but does not escape backslashes. When used with the MySQL dialect where NOBACKSLASHESCAPES is OFF by default, an...
CVE-2026-33468
Kysely (TypeScript SQL query builder) prior to version 0.28.14 is vulnerable to SQL injection when using the MySQL dialect if NO_BACKSLASH_ESCAPES is OFF, due to DefaultQueryCompiler.sanitizeStringLiteral() not escaping backslashes. The issue affects code paths that inline values via ImmediateVal...
CVE-2026-33442 Kysely has a MySQL SQL Injection via Backslash Escape Bypass in non-type-safe usage of JSON path keys.
Kysely is a type-safe TypeScript SQL query builder. In versions 0.28.12 and 0.28.13, the sanitizeStringLiteral method in Kysely's query compiler escapes single quotes ' → '' but does not escape backslashes. On MySQL with the default BACKSLASHESCAPES SQL mode, an attacker can inject a backslash...
CVE-2026-33442 Kysely has a MySQL SQL Injection via Backslash Escape Bypass in non-type-safe usage of JSON path keys.
Kysely is a type-safe TypeScript SQL query builder. In versions 0.28.12 and 0.28.13, the sanitizeStringLiteral method in Kysely's query compiler escapes single quotes ' → '' but does not escape backslashes. On MySQL with the default BACKSLASHESCAPES SQL mode, an attacker can inject a backslash...
CVE-2026-33442
Kysely is a type-safe TypeScript SQL query builder. In versions 0.28.12 and 0.28.13, the sanitizeStringLiteral method in Kysely's query compiler escapes single quotes ' → '' but does not escape backslashes. On MySQL with the default BACKSLASHESCAPES SQL mode, an attacker can inject a backslash...
CVE-2026-33442 Kysely has a MySQL SQL Injection via Backslash Escape Bypass in non-type-safe usage of JSON path keys.
Kysely is a type-safe TypeScript SQL query builder. In versions 0.28.12 and 0.28.13, the sanitizeStringLiteral method in Kysely's query compiler escapes single quotes ' → '' but does not escape backslashes. On MySQL with the default BACKSLASHESCAPES SQL mode, an attacker can inject a backslash...
CVE-2026-33442
CVE-2026-33442 affects Kysely (TypeScript SQL query builder). In versions 0.28.12 and 0.28.13, the sanitizer for string literals only escapes single quotes, not backslashes, which under MySQL with BACKSLASH_ESCAPES can allow bypassing escaping in JSON path keys. This enables SQL injection via the...
CVE-2026-33397 Angular SSR Vulnerable to Protocol-Relative URL Injection via Single Backslash Bypass
The Angular SSR is a server-rise rendering tool for Angular applications. Versions on the 22.x branch prior to 22.0.0-next.2, the 21.x branch prior to 21.2.3, and the 20.x branch prior to 20.3.21 have an Open Redirect vulnerability in @angular/ssr due to an incomplete fix for CVE-2026-27738. Whil...
CVE-2026-33397 Angular SSR Vulnerable to Protocol-Relative URL Injection via Single Backslash Bypass
The Angular SSR is a server-rise rendering tool for Angular applications. Versions on the 22.x branch prior to 22.0.0-next.2, the 21.x branch prior to 21.2.3, and the 20.x branch prior to 20.3.21 have an Open Redirect vulnerability in @angular/ssr due to an incomplete fix for CVE-2026-27738. Whil...
EUVD-2026-13897
The Angular SSR is a server-rise rendering tool for Angular applications. Versions on the 22.x branch prior to 22.0.0-next.2, the 21.x branch prior to 21.2.3, and the 20.x branch prior to 20.3.21 have an Open Redirect vulnerability in @angular/ssr due to an incomplete fix for CVE-2026-27738. Whil...
CVE-2026-33397 Angular SSR Vulnerable to Protocol-Relative URL Injection via Single Backslash Bypass
The Angular SSR is a server-rise rendering tool for Angular applications. Versions on the 22.x branch prior to 22.0.0-next.2, the 21.x branch prior to 21.2.3, and the 20.x branch prior to 20.3.21 have an Open Redirect vulnerability in @angular/ssr due to an incomplete fix for CVE-2026-27738. Whil...
CVE-2026-33397
The CVE concerns Angular SSR bottleneck/open-redirect in @angular/ssr. Affected series: 22.x before 22.0.0-next.2, 21.x before 21.2.3, and 20.x before 20.3.21, with a patch included in 22.0.0-next.2, 21.2.3, and 20.3.21. Root cause: incomplete fix for CVE-2026-27738 where a single backslash in X-...
Kysely SQL注入漏洞
Kysely is a type-safe TypeScript SQL query builder developed by Kysely. Versions of Kysely prior to 0.28.14 contained an SQL injection vulnerability. This vulnerability stemmed from the sanitizeStringLiteral method not escaping backslashes, which could lead to SQL injection attacks...
CVE-2026-33352
WWBN AVideo is an open source video platform. Prior to version 26.0, an unauthenticated SQL injection vulnerability exists in objects/category.php in the getAllCategories method. The doNotShowCats request parameter is sanitized only by stripping single-quote characters strreplace"'", '', ..., but...
CVE-2026-33352 AVideo has an Unauthenticated SQL Injection via `doNotShowCats` Parameter (Backslash Escape Bypass)
WWBN AVideo is an open source video platform. Prior to version 26.0, an unauthenticated SQL injection vulnerability exists in objects/category.php in the getAllCategories method. The doNotShowCats request parameter is sanitized only by stripping single-quote characters strreplace"'", '', ..., but...
CVE-2026-33352 AVideo has an Unauthenticated SQL Injection via `doNotShowCats` Parameter (Backslash Escape Bypass)
WWBN AVideo is an open source video platform. Prior to version 26.0, an unauthenticated SQL injection vulnerability exists in objects/category.php in the getAllCategories method. The doNotShowCats request parameter is sanitized only by stripping single-quote characters strreplace"'", '', ..., but...
CVE-2026-33352 AVideo has an Unauthenticated SQL Injection via `doNotShowCats` Parameter (Backslash Escape Bypass)
WWBN AVideo is an open source video platform. Prior to version 26.0, an unauthenticated SQL injection vulnerability exists in objects/category.php in the getAllCategories method. The doNotShowCats request parameter is sanitized only by stripping single-quote characters strreplace"'", '', ..., but...
CVE-2026-33352
CVE-2026-33352 affects WWBN AVideo (pre-26.0). An unauthenticated SQL injection exists in objects/category.php::getAllCategories() via the doNotShowCats parameter. The code only strips single quotes and does not neutralize backslashes, allowing boundary-shifting in the SQL built by string concate...