A critical SQL injection vulnerability in ProFTPD, one of the Internet’s most widely deployed FTP servers. Tracked as CVE-2026-42167, this flaw carries a CVSS severity score of 8.1 and affects the mod_sql extension. Depending on how the server is configured, attackers can exploit this bug to bypass authentication, elevate their privileges, or achieve remote code execution (RCE). ProFTPD […] The post ProFTPD’s SQL Injection Vulnerability Enables Remote Code Execution Attacks appeared first on Cyber Security News.