The open-source data processing framework Materialize disclosed a high-severity vulnerability (CVE-2024-28180) allowing SQL injection via unsafe user input in its SQL parser. The flaw affects all versions prior to 0.92.0, enabling remote attackers to execute arbitrary commands or steal sensitive data from exposed instances.