SecurityWeek

SAP’s January 2026 Security Updates Patch Critical Vulnerabilities

The first round of SAP patches for 2026 resolves 19 vulnerabilities, including critical SQL injection, RCE, and code ...
heise online

VMware: High-risk SQL injection vulnerability compromises Avi Load Balancer

Broadcom warns of an SQL injection vulnerability in VMware Avi Load Balancer. Attackers can gain unauthorized access to the database. "Malicious users with network access can send specially crafted ...
Infosecurity-magazine.com

High-Risk SQLi Flaw Exposes WordPress Memberships Plugin Users

A serious security issue has been discovered in the WordPress Paid Membership Subscriptions plugin, which is used by over 10,000 sites to manage memberships and recurring payments. Versions 2.15.1 and ...
GIGAZINE

SQL injection vulnerability in PostgreSQL went undiscovered for over nine years and was ...

On December 30, 2024, a 'Chinese government-sponsored advanced persistent threat actor' breached a system managing confidential data for the U.S. Treasury Department. It was discovered that the ...
CSOonline

PostgreSQL patches SQLi vulnerability likely exploited in BeyondTrust attacks

Attackers who exploited a zero-day vulnerability in BeyondTrust Privileged Remote Access and Remote Support products in December likely also exploited a previously unknown SQL injection flaw in ...