CVE-2026-23980 | Apache Superset up to 5.x sql injection

Inserito da Angelo Barbosa | Feb 24, 2026 | CVE

A vulnerability labeled as critical has been found in Apache Superset up to 5.x. This impacts an unknown function. The manipulation results in sql injection.

This vulnerability is reported as CVE-2026-23980. The attack can be launched remotely. No exploit exists.

The affected component should be upgraded.

CVE-2026-23980 | Apache Superset up to 5.x sql injection

Post correlati

CVE-2024-41339 | DrayTek Vigor LTE200 CGI Endpoint unrestricted upload

CVE-2024-39685 | FishAudio Bert-VITS2 up to 2.3 resample data_dir os command injection (GHSL-2024-045)

CVE-2024-53907 | Django django.utils.html.strip_tags denial of service

CVE-2023-28869 | NCP Secure Enterprise Client up to 12.21 symlink (usd-2022-0003)