Cwe-89 - SQL Injection - Cwe

Threat entity extracted from intelligence sources

Frequency
153
occurrences
First Seen
April 16, 2026
Last Seen
July 16, 2026

Cwe-89 - SQL Injection is a cwe tracked across 50 threat clusters and 153 intelligence report mentions on ThreatCluster. First observed April 16, 2026; most recent activity July 16, 2026.

Related Threat Clusters

Recent Intelligence Reports

  • Unc2447 Sombrat And Fivehands Ransomware Sophisticated Financial Threat — cloud.google.com · July 16, 2026
  • CVE-2026-52887 AKAOMA CVE VULNERABILITIES / 12h NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to 2.0.61, NocoBase @nocobase/plugin-notification-in-app-message exposed GET /api/myInAppChannels:list, where the filter[latestMsgReceiveTimestamp][$lt] value was inserted into a Sequelize.literal() template string without escaping or parameter binding, allowing a signed-up authenticated user to run stacked PostgreSQL statements an — cve.akaoma.com · July 16, 2026
  • CVE-2026-52887 - Exploits & Severity — Feedly · July 16, 2026
  • Prompt Injection Flipped: Defender Plants Text That Stops AI Attackers — Techtimes · July 15, 2026
  • CVE 2026 44861 — nvd.nist.gov · July 15, 2026
  • CVE 2026 44861 — www.tenable.com · July 15, 2026
  • CVE-2026-44861 - Authenticated Remote Code Execution via SQL Injection in AOS — Notcve · July 14, 2026
  • VMware Avi Load Balancer Vulnerabilities Let Attackers Bypass Authentication — Cybersecuritynews · July 14, 2026

CVSS v3.1 Breakdown