CVE-2025-64459 | Django up to 4.2.25/5.1.13/5.2.7 QuerySet.filter/QuerySet.exclude/QuerySet.get SQL injection
A vulnerability was found in Django up to 4.2.25/5.1.13/5.2.7. It has been declared as critical. It affects the functions QuerySet.filter, QuerySet.exclude and QuerySet.get. Manipulation of these functions leads to SQL injection.
This vulnerability is tracked as CVE-2025-64459. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.