CVE-2026-7591

A security flaw has been discovered in TimBroddin astro-mcp-server up to 1.1.1. The impacted element is an unknown function of the file src/index.ts of the component MCP Tool Query Construction. Performing a manipulation of the argument request.params.arguments results in sql injection. The attac...

CVE-2025-14179

A flaw was found in PHP. The PDO Firebird driver improperly handles NUL bytes when preparing SQL queries. During token-by-token query construction, a string token containing a NUL byte is copied via strncat, which stops at the NUL byte, dropping the closing quote and causing subsequent SQL tokens...

PT-2026-41885

Name of the Vulnerable Software and Affected Versions Contest Gallery versions prior to 28.1.7 Description The Contest Gallery plugin for WordPress contains a SQL Injection flaw. This occurs because the unauthenticated 'post cg gallery form upload' AJAX action fails to properly escape the form...

EUVD-2026-29359

SQL injection vulnerability exists in @sap/hdi-deploy package, where SQL queries are dynamically constructed using user input without proper parameterization or prepared statements. Successful exploitation could allow the high privileged users to alter the SELECT statements impacting...

PT-2026-40277

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the PDO Firebird driver improperly handles NUL bytes when preparing SQL queries. During token-by-token query construction, a string token containing a NUL byte is copied via strncat, which stops at...

PT-2026-39443

Name of the Vulnerable Software and Affected Versions PHP versions 8.2.0 through 8.2.30 PHP versions 8.3.0 through 8.3.30 PHP versions 8.4.0 through 8.4.20 PHP versions 8.5.0 through 8.5.5 Description The PDO Firebird driver improperly handles NUL bytes during the preparation of SQL queries. When...

CVE-2026-42229

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, a flaw in the SeaTable node's row:search and row:get operations allowed user-controlled input to be concatenated directly into SQL query strings without escaping or parameterization. In workflows...

CVE-2026-42229

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, a flaw in the SeaTable node's row:search and row:get operations allowed user-controlled input to be concatenated directly into SQL query strings without escaping or parameterization. In workflows...

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Overview astro-mcp-server is a MCP server for Astro ASO App Store Optimization data - Access keyword rankings, historical data, and app metrics Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' in t...

CVE-2026-7591 TimBroddin astro-mcp-server MCP Tool Query Construction index.ts sql injection

A security flaw has been discovered in TimBroddin astro-mcp-server up to 1.1.1. The impacted element is an unknown function of the file src/index.ts of the component MCP Tool Query Construction. Performing a manipulation of the argument request.params.arguments results in sql injection. The attac...

CVE-2026-7591 TimBroddin astro-mcp-server MCP Tool Query Construction index.ts sql injection

A security flaw has been discovered in TimBroddin astro-mcp-server up to 1.1.1. The impacted element is an unknown function of the file src/index.ts of the component MCP Tool Query Construction. Performing a manipulation of the argument request.params.arguments results in sql injection. The attac...

CVE-2026-7591

CVE-2026-7591 : In TimBroddin’s astro-mcp-server (up to 1.1.1), the vulnerability exists in an unknown function within src/index.ts of the MCP Tool Query Construction. An attacker can manipulate the argument at request.params.arguments to trigger a SQL injection. The issue can be exploited remote...

EUVD-2026-26709

A security flaw has been discovered in TimBroddin astro-mcp-server up to 1.1.1. The impacted element is an unknown function of the file src/index.ts of the component MCP Tool Query Construction. Performing a manipulation of the argument request.params.arguments results in sql injection. The attac...

GHSA-4948-F92Q-F432 @nocobase/database has SQL Injection via String Concatenation through Recursive Eager Loading

Summary The queryParentSQL function in the core database package constructs a recursive CTE query by joining nodeIds with string concatenation instead of using parameterized queries. The nodeIds array contains primary key values read from database rows. An attacker who can create a record with a...

GHSA-RH5M-2482-966C SciTokens is vulnerable to SQL Injection in KeyCache

Summary The KeyCache class in scitokens was vulnerable to SQL Injection because it used Python's str.format to construct SQL queries with user-supplied data such as issuer and keyid. This allowed an attacker to execute arbitrary SQL commands against the local SQLite database. Ran the POC below...

MikroORM has Prototype Pollution in Utils.merge

A prototype pollution vulnerability exists in the Utils.merge helper used internally by MikroORM when merging object structures. The function did not prevent special keys such as proto, constructor, or prototype, allowing attacker-controlled input to modify the JavaScript object prototype when...

CVE-2026-32628

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. In 1.11.1 and earlier, a SQL injection vulnerability in the built-in SQL Agent plugin allows any user who can invoke the agent to execute arbitrary SQL commands on connected...

PT-2026-27625

Name of the Vulnerable Software and Affected Versions MobSF versions prior to 4.4.6 Description MobSF, a mobile application security testing tool, contains a flaw in its read sqlite function located in mobsf/MobSF/utils.py lines 542-566. This function utilizes Python string formatting % to...

CVE-2026-33142

OneUptime is a solution for monitoring and managing online services. Prior to version 10.0.34, the fix for CVE-2026-32306 ClickHouse SQL injection via aggregate query parameters added column name validation to the aggregateBy method but did not apply the same validation to three other query...

OneUptime SQL注入漏洞

OneUptime is a comprehensive solution developed by OneUptime OpenSource. It is used to monitor and manage your online services. Versions of OneUptime prior to 10.0.34 contained a SQL injection vulnerability. This vulnerability stemmed from the lack of column name validation in multiple query...