CVE-2025-1389

Orca HCM from Learning Digital has a SQL Injection vulnerability, allowing attackers with regular privileges to inject arbitrary SQL commands to read, modify, and delete database contents. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt