News

The Hacker News10d
Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)
Fortinet fixes a critical SQL injection vulnerability in FortiWeb (CVE-2025-25257), posing risks to database security.
Exploits for pre-auth Fortinet FortiWeb RCE flaw released, patch now
Proof-of-concept exploits have been released for a critical SQLi vulnerability in Fortinet FortiWeb that can be used to ...
Bleeping Computer1y
Latest SQL Injection news - BleepingComputer
Django fixes SQL Injection vulnerability in new releases. Django, an open source Python-based web framework has patched a high severity vulnerability in its latest releases.
SecurityWeek4d
Fortinet FortiWeb Flaw Exploited in the Wild After PoC Publication
Dozens of FortiWeb instances have been hacked after PoC targeting a recent critical vulnerability was shared publicly. Hackers started targeting a recently patched critical-severity vulnerability in ...
The Register on MSN27d
Anthropic won't fix a bug in its SQLite MCP server
Fork that - 5k+ times Anthropic says it won't fix an SQL injection vulnerability in its SQLite Model Context Protocol (MCP) server that a researcher says could be used to hijack a support bot and ...
SDxCentral5mon
VU#148244: PandasAI interactive prompt function can be exploited to run ...
An attacker with access to the PandasAI interface can perform prompt injection attacks, instructing the connected LLM to translate malicious natural language inputs into executable Python or SQL code.