silverstripe/postgresql is vulnerable to SQL injection. The vulnerability is due to the inadequate handling of table names in the silverstripe/postgresql database adapter, which allows malicious SQL injection attacks if table names are not properly escaped or sanitized.