CRITICAL
JasperFx
CVE published 2026-05-28
CVE-2026-45288
Marten, a .NET transactional document database and event store built on PostgreSQL, contains a critical SQL injection vulnerability in versions prior to 8.36.1. The flaw exists in the full-text search APIs where the user-supplied `regConfig` parameter is interpolated directly into generated SQL without parameterization or validation. This makes any code path exposing `regConfig` to untrusted input a SQL i [truncated]