[HIGH] Craft Commerce is vulnerable to SQL Injection in Commerce Inventory Table Sorting

PKSA-5vsf-cyf4-k2zs CVE-2026-29174 GHSA-pmgj-gmm4-jh6j

Affected package: craftcms/commerce

Affected version: >=5.0.0,<=5.5.2

Reported by:
GitHub