CVE-2026-44680P3HIGHCVSS 7.6PoCfixed in 6.6.142026-05-26
CVE-2026-44680 [HIGH] CWE-89 CVE-2026-44680: MikroORM is a TypeScript ORM for Node.js based on Data Mapper, Unit of Work and Identity Map pattern
MikroORM is a TypeScript ORM for Node.js based on Data Mapper, Unit of Work and Identity Map patterns. Prior to @mikro-orm/knex 6.6.14 and @mikro-orm/sql 7.0.14, MikroORM's identifier-quoting helper (Platform.quoteIdentifier and the postgres/mssql overrides) and its JSON-path emitters (Platform.getSearchJsonPropertyKey, quoteJsonKey) did not properly e
ghsanvd