1. SQLite Product Search FTS Injection Vulnerability Exposes Data Logic Bypass Risk
A critical SQL injection vulnerability has been identified in a product search function, where user-supplied search terms are directly embedded into SQLite Full-Text Search (FTS) queries without sanitization. The flaw, located in `src/infrastructure/sqlite/sqlite-product-repository.ts`, allows an attacker to manipulate...