Anonymous Intelligence Signal

Critical SQL Injection & Data Leakage Flaws Patched in AI/ML Query Builder

human The Lab unverified 2026-04-10 14:23:03 Source: GitHub Issues

A series of critical security vulnerabilities in a core AI/ML query and storage system have been patched. The flaws exposed the system to SQL injection, sensitive data leakage, and denial-of-service attacks. The fixes target fundamental flaws in the `WithWeights()` function, exception handling, and file permissions that could have allowed attackers to execute arbitrary SQL commands, extract internal database error details, or crash services with malformed inputs.

The remediation includes a new `ValidateWeightValue()` function to strictly enforce numeric-only input, preventing SQL injection through the query builder. Exception messages in bulk operations have been sanitized to stop the leakage of Cosmos DB error details. The system also now implements bounds checking in `HintValueExtensions` to block DoS attempts via crafted query hints. Broad `SystemException` catch blocks have been narrowed to specific types like `SqliteException` and `JsonException` across storage and tuner code to reduce information exposure.
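A sketch of the numeric-only check described above, as an added example rather than the project's code. Only the names `ValidateWeightValue` and `WithWeights` come from the patch notes; the signature, the body, the length limit and the `BuildWeightsFragment` helper are assumptions made for illustration.

```csharp
using System;
using System.Globalization;
using System.Linq;

// Added illustration; not the project's code. BuildWeightsFragment is a
// hypothetical stand-in for the part of WithWeights() that emits query text.
public static class WeightValidation
{
    // Accept only a plain decimal number: optional sign, digits, one decimal point.
    // Exponents, whitespace, thousands separators and hex are rejected by the
    // NumberStyles mask; NaN and Infinity are rejected explicitly.
    public static double ValidateWeightValue(string raw)
    {
        const NumberStyles style = NumberStyles.AllowLeadingSign | NumberStyles.AllowDecimalPoint;
        if (string.IsNullOrEmpty(raw) || raw.Length > 32 ||   // 32 is an assumed limit
            !double.TryParse(raw, style, CultureInfo.InvariantCulture, out double value) ||
            double.IsNaN(value) || double.IsInfinity(value))
        {
            // Do not echo the raw input back; it may carry attacker-controlled text.
            throw new ArgumentException("Weight must be a finite decimal number.", nameof(raw));
        }
        return value;
    }

    // The text placed in the query is re-serialized from the parsed double,
    // so no caller-supplied characters ever reach the query string.
    public static string BuildWeightsFragment(params string[] rawWeights)
    {
        var parts = rawWeights.Select(
            r => ValidateWeightValue(r).ToString("R", CultureInfo.InvariantCulture));
        return "[" + string.Join(", ", parts) + "]";
    }

    public static void Main()
    {
        // Constructed sample inputs.
        Console.WriteLine(BuildWeightsFragment("0.7", "0.3"));
        try
        {
            // Injection-style input is rejected before any query text is built.
            BuildWeightsFragment("1], 1) OR 1=1 --");
        }
        catch (ArgumentException ex)
        {
            Console.WriteLine("rejected: " + ex.Message);
        }
    }
}
```

Parsing with the invariant culture and a restrictive `NumberStyles` mask keeps the check independent of server locale, and the fixed error message avoids reflecting the rejected value into logs or responses.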

Further hardening measures set owner-only file permissions on statistics directories and impose a hard cap of 8192 on vector dimensions. The patch notes also include a warning about PII exposure from the `recordQueries` feature and a new injection test in Example14. These changes collectively represent a significant security overhaul of the platform's data handling and query execution layers, addressing vulnerabilities that could compromise both system integrity and sensitive user data.