EUVD-2026-10870

Sequelize v6 Vulnerable to SQL Injection via JSON Column Cast Type...

Sequelize SQL注入漏洞

Sequelize is an open-source database ORM Object-Relational Mapping tool for Node.js. Versions of Sequelize prior to 6.37.8 had a SQL injection vulnerability. This vulnerability stemmed from type conversion that wasn’t properly escaped during the handling of JSON/JSONB WHERE clauses, which could...