Does ChatGPT code have SQL injection vulnerabilities?

ChatGPT frequently generates code that is vulnerable to SQL injection, especially when building database query logic. The model often produces string concatenation patterns for SQL queries instead of parameterized queries or prepared statements, which is one of the most dangerous coding practices. This is particularly common when ChatGPT generates code for older frameworks or when the prompt does not explicitly request secure database patterns. Even when using ORMs, ChatGPT may suggest raw query methods that bypass built-in protections. UNPWNED tests for SQL injection and other injection vulnerabilities in applications regardless of how the code was generated.