Fortinet fixes a critical SQL injection vulnerability in FortiWeb (CVE-2025-25257), posing risks to database security.

ServiceNow's CVE-2025-3648 flaw exposes sensitive data across multiple tables, impacting all users with misconfigured ACLs.