217 matches found
GHSA-5XRH-QMMQ-W6CH vulnerabilities
Vulnerabilities for packages: management-api-for-apache-cassandra-4.1, trino, management-api-for-apache-cassandra-4.0, seata...
CVE-2026-46340 vulnerabilities
Vulnerabilities for packages: management-api-for-apache-cassandra-4.1, trino, management-api-for-apache-cassandra-4.0, seata...
CVE-2026-27314
Privilege escalation in Apache Cassandra 5.0 on an mTLS environment using MutualTlsAuthenticator allows a user with only CREATE permission to associate their own certificate identity with an arbitrary role, including a superuser role, and authenticate as that role via ADD IDENTITY. Users are...
CVE-2026-33109
Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network...
CVE-2026-33844
Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network...
EUVD-2026-28451
Improper input validation in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network...
EUVD-2026-28448
Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network...
CVE-2026-33844
Improper input validation in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network...
CVE-2026-33844 Azure Managed Instance for Apache Cassandra Remote Code Execution Vulnerability
...
CVE-2026-33844 Azure Managed Instance for Apache Cassandra Remote Code Execution Vulnerability
...
CVE-2026-33844
Azure Managed Instance for Apache Cassandra is affected by a vulnerability described as improper input validation that enables an authorized attacker to perform remote code execution over the network. The CVSS v3.1 base score is 9.0 (CRITICAL) with network attack, low complexity, required privile...
CVE-2026-33109
Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network...
CVE-2026-33109 Azure Managed Instance for Apache Cassandra Remote Code Execution Vulnerability
...
CVE-2026-33109
CVE-2026-33109 affects Azure Managed Instance for Apache Cassandra. The vulnerability is described as improper access control that allows an authenticated, network-adjacent attacker to execute code on the instance. The CVSS 3.1 base score is 9.9 (CRITICAL) with NETWORK attack vector, LOW attack c...
CVE-2026-33109 Azure Managed Instance for Apache Cassandra Remote Code Execution Vulnerability
...
Azure Managed Instance for Apache Cassandra Remote Code Execution Vulnerability
Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network...
PT-2026-38580
Name of the Vulnerable Software and Affected Versions Azure Managed Instance for Apache Cassandra affected versions not specified Description Improper input validation allows an authorized attacker to execute code over a network. Recommendations At the moment, there is no information about a newe...
Denial Of Service (DoS)
Apache Cassandra is vulnerable to Denial Of Service DoS. The vulnerability is due to inefficient handling of repeated password change operations, which allows an attacker to trigger increased query latency and degrade system performance...
com.ericsson.bss.cassandra.ecaudit:ecaudit_c4.0 (=3.1.3), com.instaclustr:cassandra-4 (=1.0) +28 more potentially affected by CVE-2026-32588 via org.apache.cassandra:cassandra-all (>=4.0-alpha3 <=4.0.2)
org.apache.cassandra:cassandra-all MAVEN version =4.0-alpha3, =1.0.2, =1.1, =1.0.0, =1.0.0, =1.1.1 - com.instaclustr:ttl-remover-cassandra-4.0.0 =1.0 - com.netflix.priam:priam =4.0.0-alpha9 - com.netflix.priam:priam-cass-extensions =4.0.0-alpha9 - com.netflix.priam:priam-dse-extensions...
EUVD-2026-19769
Authenticated DoS over CQL in Apache Cassandra 4.0, 4.1, 5.0 allows authenticated user to raise query latencies via repeated password changes. Users are recommended to upgrade to version 4.0.20, 4.1.11, 5.0.7, which fixes this issue...