QotNewsHacker News, Reddit, Lobsters, and Tildes articles rendered in reader mode.
hailey | 10 hours ago
Wow, CVE-2026-6476 (SQL injection via subscription name) is wild - just sprintf-ing unquoted user input into an SQL query which is then executed with superuser privileges.
Sirikon | 3 hours ago
PostgreSQL of all things having a SQL injection vulnerability is peak irony.
hailey | 10 hours ago
Wow, CVE-2026-6476 (SQL injection via subscription name) is wild - just sprintf-ing unquoted user input into an SQL query which is then executed with superuser privileges.
Sirikon | 3 hours ago
PostgreSQL of all things having a SQL injection vulnerability is peak irony.