CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/05/11 4:41 p.m.•28 views

CVE-2026-42316 KQL injection via kusto.tables.topics.mapping in kafka-sink-azure-kusto

6.5CVSS0.0003EPSS

Vulnrichment•added 2026/05/11 4:41 p.m.•3 views

CVE-2026-42316 KQL injection via kusto.tables.topics.mapping in kafka-sink-azure-kusto

ATTACKERKB•added 2026/05/11 4:41 p.m.•4 views

CVE-2026-42316

Exploits0References4Affected Software1

CVE•added 2026/05/11 4:41 p.m.•8 views

CVE-2026-42316

Summary: The kafka-sink-azure-kusto Kafka Connect plugin (Microsoft’s sink for Azure Data Explorer) is affected by a KQL injection vulnerability in the kusto.tables.topics.mapping configuration. Before version 5.2.3, db/table/mapping/format fields were interpolated directly into KQL commands via ...

EUVD•added 2026/05/11 4:41 p.m.•7 views

EUVD-2026-29124

Positive Technologies•added 2026/05/11 12:0 a.m.•8 views

PT-2026-39660

CNNVD•added 2026/05/11 12:0 a.m.•4 views

Exploits0References4

Microsoft Azure Data Explorer Kafka Connect Kusto Sink Connector 安全漏洞

The Microsoft Azure Data Explorer Kafka Connect Kusto Sink Connector is an open-source Kafka data synchronization connector to Azure Big Data Analysis databases. Versions of the Kusto Sink Connector prior to version 5.2.3 have security vulnerabilities. These vulnerabilities stem from uncleaned...

GithubExploit•added 2026/04/29 9:16 p.m.•51 views

Exploits0References1

Exploit for Improper Neutralization of Special Elements in Data Query Logic in Pab1It0 Azure_Data_Explorer_Mcp_Server

CVE-2026-33980 — KQL Injection in adx-mcp-server via tablenam...

RedhatCVE•added 2026/03/28 11:9 p.m.•1 views

Exploits3

CVE-2026-33980

Azure Data Explorer MCP Server is a Model Context Protocol MCP server that enables AI assistants to execute KQL queries and explore Azure Data Explorer ADX/Kusto databases through standardized interfaces. Versions up to and including 0.1.1 contain KQL Kusto Query Language injection vulnerabilitie...

Snyk•added 2026/03/27 11:24 p.m.•4 views

Exploits3References1

Improper Neutralization of Special Elements in Data Query Logic

Overview adx-mcp-server is a MCP server for Azure Data Explorer integration Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Data Query Logic via the gettableschema, sampletabledata, and gettabledetails handlers when the tablename parameter is...

8.7CVSS6.1AI score0.00018EPSS

NVD•added 2026/03/27 10:16 p.m.•2 views

CVE-2026-33980

8.3CVSS0.00018EPSS

Cvelist•added 2026/03/27 9:32 p.m.•23 views

CVE-2026-33980 Azure Data Explorer MCP Server: KQL Injection in multiple tools allows MCP client to execute arbitrary Kusto queries

8.3CVSS0.00018EPSS

Vulnrichment•added 2026/03/27 9:32 p.m.•4 views

CVE-2026-33980 Azure Data Explorer MCP Server: KQL Injection in multiple tools allows MCP client to execute arbitrary Kusto queries

CVE•added 2026/03/27 9:32 p.m.•26 views

CVE-2026-33980

Azure Data Explorer MCP Server

Exploits3References2Affected Software1

ATTACKERKB•added 2026/03/27 9:32 p.m.•3 views

CVE-2026-33980

Exploits3References3Affected Software1

OSV•added 2026/03/27 9:32 p.m.•5 views

CVE-2026-33980 Azure Data Explorer MCP Server: KQL Injection in multiple tools allows MCP client to execute arbitrary Kusto queries

EUVD•added 2026/03/27 7:8 p.m.•2 views

Exploits3References4

EUVD-2026-16878

Azure Data Explorer MCP Server: KQL Injection in multiple tools allows MCP client to execute arbitrary Kusto queries...

OSV•added 2026/03/27 7:8 p.m.•2 views

GHSA-VPHC-468G-8RFP Azure Data Explorer MCP Server: KQL Injection in multiple tools allows MCP client to execute arbitrary Kusto queries

Summary adx-mcp-server ListDictstr, Any: client = getkustoclient query = f"tablename | getschema" ListDictstr, Any: client = getkustoclient query = f"tablename | sample samplesize" ListDictstr, Any: client = getkustoclient query = f".show table tablename details" -- KQL injection resultset =...