SQL injection vulnerabilities
SQL injection lets attacker input rewrite database queries — dumping tables, bypassing logins, or writing files. Decades old and still shipping, SQLi in internet-facing products (file-transfer appliances in particular) has driven some of the largest mass-exploitation campaigns on record.
Classification is assigned by the CSIRTS enrichment pipeline from the advisory text. The list below shows the latest advisories tagged sql injection, newest first, across national CERTs, vendor PSIRTs and vulnerability databases — exploited marks CVEs in the CISA KEV catalog.