KB5084816 - Description of the security update for SQL Server 2019 CU32: April 14, 2026

KB5084816 - Description of the security update for SQL Server 2019 CU32: April 14, 2026 Summary Known issues in this update Improvements and fixes included in this update How to obtain and install the update How to obtain or download the latest cumulative update package for Linux More information...

KB5084820 - Description of the security update for SQL Server 2016 SP3 Azure Connect Feature Pack: April 14, 2026

KB5084820 - Description of the security update for SQL Server 2016 SP3 Azure Connect Feature Pack: April 14, 2026 Summary Known issues in this update Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection...

KB5084819 - Description of the security update for SQL Server 2017 GDR: April 14, 2026

KB5084819 - Description of the security update for SQL Server 2017 GDR: April 14, 2026 Summary Known issues in this update Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection and security Summary This...

KB5084817- Description of the security update for SQL Server 2019 GDR: April 14, 2026

KB5084817- Description of the security update for SQL Server 2019 GDR: April 14, 2026 Summary Known issues in this update Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection and security Summary This...

Microsoft SQL Server Remote Code Execution Vulnerability

Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a network...

SQL Server Elevation of Privilege Vulnerability

Improper neutralization of special elements used in an sql command 'sql injection' in SQL Server allows an authorized attacker to elevate privileges locally...

WordPress Product Filter for WooCommerce by WBW plugin < 3.1.3 - Unauthenticated SQLi vulnerability

Unauthenticated SQLi vulnerability discovered by mcdruid in WordPress Plugin Product Filter by WBW versions 3.1.3...

CVE-2026-40179 vulnerabilities

Vulnerabilities for packages: loki, mcp-grafana, node-problem-detector, minio-object-browser, prometheus-pushgateway, cloud-sql-proxy, istio, prometheus, certificate-transparency, tempo, jaeger, minio, minio-operator, telegraf, karma, datadog-agent, keda, mc, splunk-otel-collector, trillian...

GHSA-VFFH-X6R8-XX99 vulnerabilities

Vulnerabilities for packages: loki, mcp-grafana, node-problem-detector, minio-object-browser, prometheus-pushgateway, cloud-sql-proxy, istio, prometheus, certificate-transparency, tempo, jaeger, minio, minio-operator, telegraf, karma, datadog-agent, keda, mc, splunk-otel-collector, trillian...

CVE-2026-6010

A security flaw has been discovered in CodeAstro Online Classroom 1.0/2.php. Affected by this vulnerability is an unknown functionality of the file /OnlineClassroom/takeassessment2.php?exid=14. Performing a manipulation of the argument Q1 results in sql injection. Remote exploitation of the attac...

Vulnerable-Web-App-Scanner

Vulnerable-Web-App-Scanner Pent...

AWP Classifieds <= 4.2.1 - Unauthenticated SQL Injection

WordPress Classifieds Plugin before 4.3 contains a SQL injection caused by improper sanitization and escaping of parameters in an AJAX action, letting unauthenticated attackers execute arbitrary SQL commands, exploit requires the premium module to be active. id: CVE-2022-3254 info: name: AWP...

CVE-2026-40315 PraisonAI: SQLiteConversationStore didn't validate table_prefix when constructing SQL queries

PraisonAI is a multi-agent teams system. Prior to 4.5.133, there is an SQL identifier injection vulnerability in SQLiteConversationStore where the tableprefix configuration value is directly concatenated into SQL queries via f-strings without any validation or sanitization. Since SQL identifiers...

EUVD-2026-22215

PraisonAI is a multi-agent teams system. Prior to 4.5.133, there is an SQL identifier injection vulnerability in SQLiteConversationStore where the tableprefix configuration value is directly concatenated into SQL queries via f-strings without any validation or sanitization. Since SQL identifiers...

CVE-2026-4352

The JetEngine plugin for WordPress is vulnerable to SQL Injection via the Custom Content Type CCT REST API search endpoint in all versions up to, and including, 3.8.6.1. This is due to the cctsearch parameter being interpolated directly into a SQL query string via sprintf without sanitization or...

CVE-2026-4352

The JetEngine plugin for WordPress is vulnerable to SQL Injection via the Custom Content Type CCT REST API search endpoint in all versions up to, and including, 3.8.6.1. This is due to the cctsearch parameter being interpolated directly into a SQL query string via sprintf without sanitization or...

CVE-2026-4352 JetEngine <= 3.8.6.1 - Unauthenticated SQL Injection via '_cct_search' Parameter

The JetEngine plugin for WordPress is vulnerable to SQL Injection via the Custom Content Type CCT REST API search endpoint in all versions up to, and including, 3.8.6.1. This is due to the cctsearch parameter being interpolated directly into a SQL query string via sprintf without sanitization or...

CVE-2026-4352 JetEngine <= 3.8.6.1 - Unauthenticated SQL Injection via '_cct_search' Parameter

The JetEngine plugin for WordPress is vulnerable to SQL Injection via the Custom Content Type CCT REST API search endpoint in all versions up to, and including, 3.8.6.1. This is due to the cctsearch parameter being interpolated directly into a SQL query string via sprintf without sanitization or...

CVE-2026-36947

Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL Injection in the file /rsms/admin/services/viewservice.php...

CVE-2026-36946

Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection in the file /rsms/admin/inquiries/viewdetails.php...