EUVD-2025-24821

Malicious code in bioql PyPI...

BIT-SUPERSET-2025-55675 Apache Superset: Incorrect datasource authorization on REST API

Apache Superset contains an improper access control vulnerability in its /explore endpoint. A missing authorization check allows an authenticated user to discover metadata about datasources they do not have permission to access. By iterating through the datasourceid in the URL, an attacker can...

CVE-2025-55675

Apache Superset contains an improper access control vulnerability in its /explore endpoint. A missing authorization check allows an authenticated user to discover metadata about datasources they do not have permission to access. By iterating through the datasourceid in the URL, an attacker can...

CVE-2025-55675

Apache Superset contains an improper access control vulnerability in its /explore endpoint. A missing authorization check allows an authenticated user to discover metadata about datasources they do not have permission to access. By iterating through the datasourceid in the URL, an attacker can...

CVE-2025-55675 Apache Superset: Incorrect datasource authorization on REST API

Apache Superset contains an improper access control vulnerability in its /explore endpoint. A missing authorization check allows an authenticated user to discover metadata about datasources they do not have permission to access. By iterating through the datasourceid in the URL, an attacker can...

PT-2025-33274 · Apache · Apache Superset

Name of the Vulnerable Software and Affected Versions: Apache Superset versions prior to 5.0.0 Description: Apache Superset contains an improper access control issue in its /explore endpoint. A missing authorization check allows an authenticated user to discover metadata about datasources they do...