Kolay Software Inc. - Talentics - CRITICAL - CVE-2025-10970. An SQL Injection vulnerability exists in Kolay Software Inc. Talentics, allowing attackers to execute arbitrary SQL commands through the application. This exploit particularly affects the data integrity and confidentiality, as attackers may gain unauthorized access to sensitive information contained within the database. This vulnerability has been noted for its potential to allow Blind SQL Injection, which can be particularly harmful as it does not require visible feedback from the database, making it difficult to detect. Users of Talentics should take immediate action to secure their systems against this type of attack.