SQL Injection in extension "News system" (news)

PKSA-grgc-xpj3-tvw1 CVE-2026-8726

Affected package: georgringer/news

Affected version: <11.4.4|>=12.0.0,<12.3.2|>=13.0.0,<13.0.2|>=14.0.0,<14.0.3

Reported by:
FriendsOfPHP/security-advisories