CVE-2026-30951
A flaw was found in Sequelize, a Node.js Object-Relational Mapper ORM tool. A remote attacker can exploit a SQL injection vulnerability by manipulating JSON object keys during JSON/JSONB where clause processing. This allows for the injection of arbitrary SQL commands due to the improper handling ...