Security Advisory

Sequelize Security Update Advisory (CVE-2026-30951)

  • Mar 18 2026
Sequelize Security Update Advisory (CVE-2026-30951)

Overview

 

We have released a security update that addresses a vulnerability in Sequelize. Users of affected products are advised to update to the latest version.

 

 

Affected Products

 

CVE-2026-30951

 

Sequelize version: 6.37.7 and earlier

 

 

Resolved Vulnerabilities

 

SQL Injection Vulnerability in Sequelize (CVE-2026-30951)

 

 

Vulnerability Patches

 

Vulnerability Patches have been made available with the latest update. Please follow the instructions on the Referenced Sites to update to the latest version of Vulnerability Patches.

 

CVE-2026-30951

 

Sequelize version: 6.37.8

 

 

References

 

[1] SQL Injection via JSON Column Cast Type in Sequelize v6
https://github.com/sequelize/sequelize/security/advisories/GHSA-6457-6jrx-69cr

Tags:
Previous Post

Next Post