CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

SQL injection vulnerabilities

SQL injection50 advisories28 exploitedlatest 2026-07-09

SQL injection lets attacker input rewrite database queries — dumping tables, bypassing logins, or writing files. Decades old and still shipping, SQLi in internet-facing products (file-transfer appliances in particular) has driven some of the largest mass-exploitation campaigns on record.

Classification is assigned by the CSIRTS enrichment pipeline from the advisory text. The list below shows the latest advisories tagged sql injection, newest first, across national CERTs, vendor PSIRTs and vulnerability databases — exploited marks CVEs in the CISA KEV catalog.

Latest sql injection advisories

Other vulnerability classes

Remote code execution (973)Privilege escalation (444)Authentication bypass (351)Denial of service (567)Information disclosure (387)Memory corruption (230)Path traversal (99)Code injection (91)Cross-site scripting (107)Unsafe deserialization (49)Server-side request forgery (37)