Electric Sync-service
1 CVEs affecting Electric Sync-service. Latest disclosed: 2026-04-21. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-40906 | Critical | 9.9 | 2026-04-21 | Electric is a Postgres sync engine. From 1.1.12 to before 1.5.0, the order_by parameter in the ElectricSQL /v1/shape API is vulnerable to error-based SQL injec… |