CRITICAL

Drupal bug added to CISA list of known exploited vulnerabilities

SC Media • May 26, 2026

CRITICAL

Ghost CMS vulnerability exploited in large-scale campaign

SC Media • May 26, 2026

HIGH

700+ education and tech websites hijacked in huge ClickFix malware campaign

Malwarebytes Labs • May 26, 2026

CRITICAL

CISA orders feds to patch actively exploited Drupal vulnerability

BleepingComputer • May 26, 2026

HIGH

Ghost CMS Vulnerability Exploited to Hack Over 700 Websites

SecurityWeek • May 25, 2026

CRITICAL

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

The Hacker News • May 25, 2026

CRITICAL

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

BleepingComputer • May 24, 2026

CRITICAL

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

The Hacker News • May 23, 2026

CRITICAL

Keys to the Kingdom: Anonymous SQL Injection in Drupal Core (CVE-2026-9082)

Reddit r/netsec • May 21, 2026

CRITICAL

Drupal: Critical SQL injection flaw now targeted in attacks

BleepingComputer • May 22, 2026

CRITICAL

[UPDATE] [hoch] Exim: Schwachstelle ermöglicht SQL-Injection

BSI Germany • May 22, 2026

HIGH

USN-8294-1: PostgreSQL vulnerabilities

Ubuntu Security • May 21, 2026

CRITICAL

CVE-2026-9082: Highly Critical SQL Injection Vulnerability in Drupal Core (SA-CORE-2026-004)

Tenable Research • May 21, 2026

HIGH

Vulnérabilité dans Drupal (21 mai 2026)

CERT-FR (ANSSI) • May 21, 2026

CRITICAL

Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking

SecurityWeek • May 21, 2026

HIGH

NCSC-2026-0166 [1.00] [M/H] Kwetsbaarheid verholpen in Drupal core

NCSC Netherlands • May 21, 2026

CRITICAL

Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks

The Hacker News • May 21, 2026

HIGH

Drupal admins rushing to patch maximum severity SQL injection vulnerability

CSO Online • May 20, 2026

CRITICAL

[NEU] [hoch] CKAN: Mehrere Schwachstellen

BSI Germany • May 18, 2026

HIGH

CVE-2026-6638 PostgreSQL REFRESH PUBLICATION allows SQL injection via table name

Microsoft Security Response Center • May 16, 2026

HIGH

[NEU] [hoch] PostgreSQL: Mehrere Schwachstellen

BSI Germany • May 15, 2026

HIGH

NCSC-2026-0160 [1.00] [M/H] Kwetsbaarheden verholpen in Ivanti Endpoint Manager

NCSC Netherlands • May 15, 2026

HIGH

Bug hunter tracks down three massive MCP flaws and one vendor won't fix theirs

The Register Security • May 13, 2026

HIGH

[NEU] [mittel] Fortinet FortiMail: Schwachstelle ermöglicht SQL Injection

BSI Germany • May 13, 2026

HIGH

1,000,000 WordPress Sites Affected by Arbitrary File Read and SQL Injection Vulnerabilities in Avada Builder WordPress Plugin

Wordfence • May 12, 2026

MEDIUM

User controlled SQL commands

Fortinet PSIRT • May 12, 2026

MEDIUM

SQL command injection in administrative portal

Fortinet PSIRT • May 12, 2026

MEDIUM

Multiples vulnérabilités dans les produits Centreon (12 mai 2026)

CERT-FR (ANSSI) • May 12, 2026

HIGH

NCSC-2026-0140 [1.00] [M/H] Kwetsbaarheden verholpen in diverse SAP-producten

NCSC Netherlands • May 12, 2026

CRITICAL

SAP Patches Critical S/4HANA, Commerce Vulnerabilities

SecurityWeek • May 12, 2026

MEDIUM

CVE-2025-14179 SQL injection in pdo_firebird via NUL bytes in quoted strings

Microsoft Security Response Center • May 11, 2026

HIGH

ABB Ability Symphony Plus Engineering

CISA ICS Advisories • Apr 30, 2026

CRITICAL

LiteLLM exploited within 36 hours of disclosure via SQL injection bug

SC Media • Apr 29, 2026

CRITICAL

Fresh LiteLLM Vulnerability Exploited Shortly After Disclosure

SecurityWeek • Apr 29, 2026

HIGH

[NEU] [hoch] ProFTPD: Schwachstelle ermöglicht SQL-Injection

BSI Germany • Apr 29, 2026

CRITICAL

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure

The Hacker News • Apr 29, 2026

CRITICAL

Hackers are exploiting a critical LiteLLM pre-auth SQLi flaw

BleepingComputer • Apr 28, 2026

CRITICAL

[NEU] [hoch] LiteLLM: Mehrere Schwachstellen

BSI Germany • Apr 28, 2026

CRITICAL

[UPDATE] [hoch] Cacti: Mehrere Schwachstellen

BSI Germany • Apr 24, 2026

HIGH

SQL Injection via JSON RPC API

Fortinet PSIRT • Apr 14, 2026

HIGH

SQL Injection via API

Fortinet PSIRT • Apr 14, 2026

HIGH

Multiple SQL Injections

Fortinet PSIRT • Apr 14, 2026

CRITICAL

CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software

The Hacker News • Apr 14, 2026

MEDIUM

Multiples vulnérabilités dans Joomla! (01 avril 2026)

CERT-FR (ANSSI) • Apr 01, 2026

CRITICAL

Exploitation of Critical Fortinet FortiClient EMS Flaw Begins

SecurityWeek • Mar 31, 2026

CRITICAL

Fortinet hit by another exploited cybersecurity flaw

CSO Online • Mar 30, 2026

CRITICAL

Critical Fortinet FortiClient EMS bug under active attack (CVE-2026-21643)

Help Net Security • Mar 30, 2026

CRITICAL

[NEU] [hoch] Fleet: Mehrere Schwachstellen

BSI Germany • Mar 30, 2026

CRITICAL

Critical Fortinet Forticlient EMS flaw now exploited in attacks

BleepingComputer • Mar 30, 2026

HIGH

[NEU] [hoch] Zabbix: Mehrere Schwachstellen

BSI Germany • Mar 25, 2026

CRITICAL

[UPDATE] [hoch] PostgreSQL JDBC Driver: Schwachstelle ermöglicht SQL-Injection

BSI Germany • Mar 24, 2026

MEDIUM

Kanboard Authenticated SQL Injection CVE-2026-33058 Writeup

Reddit r/netsec • Mar 19, 2026

CRITICAL

CVE-2026-22730: SQL Injection in Spring AI’s MariaDB Vector Store

Reddit r/netsec • Mar 19, 2026

MEDIUM

Multiples vulnérabilités dans GLPI (18 mars 2026)

CERT-FR (ANSSI) • Mar 18, 2026

HIGH

Multiples vulnérabilités dans Spring AI (17 mars 2026)

CERT-FR (ANSSI) • Mar 17, 2026

HIGH

Post AI Agent Hacked Amazon & McKinsey, I compiled a list of 5 situations where deploying agents can be catastrophic

Reddit r/netsec • Mar 15, 2026

HIGH

Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks

SecurityWeek • Mar 12, 2026

HIGH

SQLi flaw in Elementor Ally plugin impacts 250k+ WordPress sites

BleepingComputer • Mar 11, 2026

HIGH

Throwing a spark into FuelCMS (0-click RCE)

Reddit r/netsec • Mar 11, 2026

MEDIUM

USN-8083-1: GeoPandas vulnerability

Ubuntu Security • Mar 11, 2026

MEDIUM

SQL injection in jsonrpc api

Fortinet PSIRT • Mar 10, 2026

HIGH

400,000 WordPress Sites Affected by Unauthenticated SQL Injection Vulnerability in Ally WordPress Plugin

Wordfence • Mar 10, 2026

CRITICAL

New "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries

The Hacker News • Mar 10, 2026

HIGH

[UPDATE] [hoch] PostgreSQL: Schwachstelle ermöglicht SQL Injection und Codeausführung

BSI Germany • Mar 10, 2026

HIGH

[NEU] [hoch] DriveLock: Mehrere Schwachstellen

BSI Germany • Mar 06, 2026

HIGH

NCSC-2026-0077 [1.00] [M/H] Kwetsbaarheden verholpen in Cisco Secure Firewall systemen

NCSC Netherlands • Mar 05, 2026

MEDIUM

Cisco Secure Firewall Management Center Software SQL Injection Vulnerabilities

Cisco Security • Mar 04, 2026

HIGH

NCSC-2026-0075 [1.00] [M/H] Kwetsbaarheid verholpen in n8n Automation Platform

NCSC Netherlands • Mar 04, 2026

HIGH

[webapps] WeGIA 3.5.0 - SQL Injection

Exploit-DB • Mar 03, 2026

CRITICAL

Multiples vulnérabilités dans SPIP (26 février 2026)

CERT-FR (ANSSI) • Feb 26, 2026

CRITICAL

SQL injection in forward module

Fortinet PSIRT • Feb 21, 2026

MEDIUM

[UPDATE] [mittel] Django (FilteredRelation): Schwachstelle ermöglicht SQL injection

BSI Germany • Feb 16, 2026

CRITICAL

New Joomla! Novarain/Tassos Framework Vulnerabilities Advisory

Reddit r/netsec • Feb 16, 2026

CRITICAL

New Joomla! Novarain/Tassos Framework Vulnerabilities Advisory

Reddit r/netsec • Feb 16, 2026

CRITICAL

CVE-2024-42327: Zabbix Server SQL Injection Vulnerability

Web Discovery • Feb 09, 2026

CRITICAL

CVE-2024-42327 Impact, Exploitability, and Mitigation Steps | Wiz

Web Discovery • Feb 09, 2026

CRITICAL

CVE-2024-42327: Zabbix SQL Injection Vulnerability

Web Discovery • Feb 09, 2026

CRITICAL

Microsoft Configuration Manager (ConfigMgr) 2403 Unauthenticated SQL

Web Discovery • Feb 13, 2026

HIGH

CISA Warns of Microsoft Configuration Manager SQL Injection Vulnerability Exploited in Attacks | Cryptika Cybersecurity

Web Discovery • Feb 13, 2026

CRITICAL

NopSec Just in Time: CVE-2024-43468 SCCM SQL Injection

Web Discovery • Feb 13, 2026

HIGH

CISA Warns of Actively Exploited SQL Injection Flaw in Microsoft Configuration Manager

Web Discovery • Feb 13, 2026

MEDIUM

SB2025051940 - Multiple vulnerabilities in Siemens Polarion

Web Discovery • Feb 10, 2026

CRITICAL

CVE-2026-21643: Critical SQL Injection in FortiClientEMS - Arctic Wolf

Web Discovery • Feb 09, 2026

CRITICAL

Fortinet Patches Critical FortiClientEMS SQL Injection Bug - TechInformed

Web Discovery • Feb 09, 2026

HIGH

GitHub - BridgerAlderson/Zabbix-CVE-2024-42327-SQL-Injection-RCE: Zabbix CVE-2024-42327 PoC

Web Discovery • Feb 09, 2026

CRITICAL

NVD - CVE-2026-21643

Web Discovery • Feb 09, 2026

CRITICAL

Critical Vulnerability in FortiClientEMS

Web Discovery • Feb 09, 2026

CRITICAL

CVE-2026-21643: Critical FortiClient EMS Vulnerability Enables Unauthenticated Remote Code Execution | SOC Prime

Web Discovery • Feb 09, 2026

CRITICAL

Vercel Security Checkpoint

Web Discovery • Feb 09, 2026

CRITICAL

Warning: Critical SQL Injection vulnerability in multiple Zabbix frontend versions can lead to privilege escalation, Patch Immediately! | CCB Safeonweb

Web Discovery • Feb 09, 2026

CRITICAL

CISA flags critical Microsoft SCCM flaw as exploited in attacks

BleepingComputer • Feb 13, 2026

HIGH

Multiples vulnérabilités dans Ivanti Endpoint Manager (11 février 2026)

CERT-FR (ANSSI) • Feb 11, 2026

HIGH

NCSC-2026-0059 [1.00] [M/H] Kwetsbaarheden verholpen in Ivanti Endpoint Manager

NCSC Netherlands • Feb 11, 2026

HIGH

[NEU] [hoch] Fortinet FortiClientEMS: Schwachstelle ermöglicht Codeausführung

BSI Germany • Feb 09, 2026

CRITICAL

[webapps] FortiWeb Fabric Connector 7.6.x - SQL Injection to Remote Code Execution

Exploit-DB • Feb 04, 2026

HIGH

[UPDATE] [mittel] IBM Business Automation Workflow: Mehrere Schwachstellen

BSI Germany • Feb 04, 2026

MEDIUM

[UPDATE] [mittel] Django: Mehrere Schwachstellen

BSI Germany • Feb 06, 2026

CRITICAL

Johnson Controls Metasys Products

CISA All Advisories • Jan 27, 2026

HIGH

SQL Injection Flaw Affects 40,000 WordPress Sites

Infosecurity Magazine • Feb 03, 2026

CRITICAL

Metasploit Wrap-Up 01/30/2026

Rapid7 Research • Jan 30, 2026