[HIGH] Flight vulnerable to SQL Injection via unvalidated identifiers in SimplePdo::insert / update / delete

PKSA-jtc2-k2n3-ck2b CVE-2026-42550 GHSA-xwqr-rcqg-22mr

Affected package: flightphp/core

Affected version: <3.18.1

Reported by:
GitHub