magento2 – Magento 2 search results suggest SQL commands


When i search some keywords like brand name XXX the search results suggest like following SQL commands

XXX' AND SLEEP(3) oRDeR BY 1 #
XXX" or (1,2)=(select*from(select name_const(CHAR(111,108,111,108,111,115,104,101,114),1),name_const(CHAR(111,108,111,108,111

I have Googled about it i see i am not alone:
https://www.google.com/search?biw=1920&bih=947&sxsrf=ALeKk01E6H2rZeNBTsgP5IBg5ubFXrUkNw%3A1601427042443&ei=YtZzX_fDGsOckwWRn4fgDQ&q=magento+AND+SLEEP%283%29+oRDeR+BY+1+%23&oq=magento+AND+SLEEP%283%29+oRDeR+BY+1+%23&gs_lcp=CgZwc3ktYWIQA1DG2Q1YxtkNYNDbDWgAcAB4AIABY4gBY5IBATGYAQCgAQKgAQGqAQdnd3Mtd2l6wAEB&sclient=psy-ab&ved=0ahUKEwj3_P3P1I_sAhVDzqQKHZHPAdwQ4dUDCA0&uact=5

Is it a bug? How can i clear these search suggets?