diff --git a/crates/ruff_linter/resources/test/fixtures/flake8_bandit/S608.py b/crates/ruff_linter/resources/test/fixtures/flake8_bandit/S608.py
index 2e96462c84..447e46dcf2 100644
--- a/crates/ruff_linter/resources/test/fixtures/flake8_bandit/S608.py
+++ b/crates/ruff_linter/resources/test/fixtures/flake8_bandit/S608.py
@@ -166,3 +166,6 @@ query60 = f"""
 foo
 FROM ({user_input}) raw
 """
+
+# https://github.com/astral-sh/ruff/issues/17967
+query61 = f"SELECT * FROM table" # skip expressionless f-strings
diff --git a/crates/ruff_linter/src/rules/flake8_bandit/rules/hardcoded_sql_expression.rs b/crates/ruff_linter/src/rules/flake8_bandit/rules/hardcoded_sql_expression.rs
index f29cd41d30..df0effe5e8 100644
--- a/crates/ruff_linter/src/rules/flake8_bandit/rules/hardcoded_sql_expression.rs
+++ b/crates/ruff_linter/src/rules/flake8_bandit/rules/hardcoded_sql_expression.rs
@@ -100,7 +100,15 @@ pub(crate) fn hardcoded_sql_expression(checker: &Checker, expr: &Expr) {
 }
 // f"select * from table where val = {val}"
- Expr::FString(f_string) => concatenated_f_string(f_string, checker.locator()),
+ Expr::FString(f_string)
+ if f_string
+ .value
+ .f_strings()
+ .any(|fs| fs.elements.iter().any(ast::FStringElement::is_expression)) =>
+ {
+ concatenated_f_string(f_string, checker.locator())
+ }
+
 _ => return,
 };
diff --git a/crates/ruff_linter/src/rules/flake8_bandit/snapshots/ruff_linter__rules__flake8_bandit__tests__S608_S608.py.snap b/crates/ruff_linter/src/rules/flake8_bandit/snapshots/ruff_linter__rules__flake8_bandit__tests__S608_S608.py.snap
index bfd23cbc18..2170539c17 100644
--- a/crates/ruff_linter/src/rules/flake8_bandit/snapshots/ruff_linter__rules__flake8_bandit__tests__S608_S608.py.snap
+++ b/crates/ruff_linter/src/rules/flake8_bandit/snapshots/ruff_linter__rules__flake8_bandit__tests__S608_S608.py.snap
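Review bot: The new fixture line `query61` only exercises a single-part f-string with no expressions; it does not pin the implicitly concatenated case where one part has no expression but a sibling part does. Since the guard added in hardcoded_sql_expression.rs iterates every f-string part, a line such as `query62 = f"SELECT * FROM " f"{table}"  # still flagged: sibling part has an expression` (constructed example) should still be reported, and keeping it in the fixture would stop the new skip from silently widening later. Adding it in the same commit also puts the positive counterpart of the new negative case into the snapshot.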
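Review bot: The guard on the `Expr::FString` arm now routes expressionless f-strings to `_ => return`, but the only comment above the arm is the example `// f"select * from table where val = {val}"`, which no longer explains why some f-strings are skipped. A comment on the guard such as `// An f-string with no interpolated expressions is a plain literal; nothing can be injected, so skip it (#17967).` records the rationale next to the code, which matters because the nested `.any(..)` calls are dense enough that a reader would otherwise have to reconstruct the intent. `f_strings()` iterating only the f-string parts of `value` looks right, since a plain string-literal part cannot carry an expression, but that rests on the semantics of `FStringElement::is_expression`, which is outside this hunk. The enclosing `hardcoded_sql_expression` function begins before the hunk and the `match` continues past it.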
@@ -601,4 +601,6 @@ S608.py:164:11: S608 Possible SQL injection vector through string-based query co 167 | | FROM ({user_input}) raw 168 | | """ | |___^ S608 +169 | +170 | # https://github.com/astral-sh/ruff/issues/17967 |