CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added last week•4 views

CVE-2026-47340

Allow authenticated users to access alert instances associated with alert groups they do not have permission to access. in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue...

6.5CVSS0.00433EPSS

NVD•added last week•6 views

CVE-2026-32966

DataSource API Missing Authorization Check Leads to Arbitrary Data Source Metadata Disclosure in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue...

9.8CVSS0.0039EPSS

Cvelist•added 2026/06/17 9:0 a.m.•27 views

CVE-2026-47340 Apache DolphinScheduler: An incorrect authorization vulnerability allows authenticated users to access alert instances associated with alert groups they do not have permission to access.

0.00433EPSS

CVE•added 2026/06/17 8:55 a.m.•10 views

CVE-2026-41280

CVE-2026-41280 affects Apache DolphinScheduler prior to 3.4.2. The issue is an Incorrect Authorization vulnerability where users with system login privileges can delete task definitions in unauthorized projects due to insufficient access controls. The documented impact is deletion of task definit...

4.9CVSS5AI score0.00437EPSS

Exploits0References2Affected Software1

Cvelist•added 2026/06/17 8:55 a.m.•25 views

CVE-2026-41280 Apache DolphinScheduler: Incorrect Authorization vulnerability allows users with system login privileges to delete task definitions in unauthorized projects

Incorrect Authorization vulnerability allows users with system login privileges to delete task definitions in unauthorized projects This issue affects Apache DolphinScheduler versions prior to 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes this issue...

0.00437EPSS

CVE•added 2026/06/17 8:43 a.m.•13 views

CVE-2026-32966

The CVE affects Apache DolphinScheduler prior to 3.4.2. A missing authorization check in the DataSource API allows exposure of arbitrary data source metadata to unauthenticated users, enabling potential disclosure of sensitive information. The issue’s root cause is insufficient access control on ...

9.8CVSS5.2AI score0.0039EPSS

Exploits0References2Affected Software1

RedhatCVE•added 2026/06/05 7:51 p.m.•6 views

CVE-2025-62188

An Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Apache DolphinScheduler. This vulnerability may allow unauthorized actors to access sensitive information, including database credentials. This issue affects Apache DolphinScheduler versions 3.1.. Users are...

7.5CVSS5.3AI score0.00521EPSS

Tenable Nessus•added 2026/05/28 12:0 a.m.•7 views

Fedora 45 : dolphin-emu (2026-4a6b728056)

The remote Fedora 45 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-4a6b728056 advisory. Automatic update for dolphin-emu-2503a-16.fc45. Changelog Wed May 27 2026 Jeremy Newton - 2503a-16 - Fix RHBZ2454084 Tenable has extracted the preceding...

6.7CVSS5.8AI score0.00192EPSS

Tenable Nessus•added 2026/04/29 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-41525

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KDE Dolphin before 25.12.3 allows applications in a Flatpak or with AppArmor confinement to open folders outside of the application sandbox without additional...

6.5CVSS5.8AI score0.00127EPSS

RedhatCVE•added 2026/04/28 8:23 a.m.•3 views

CVE-2026-41525

A flaw was found in KDE Dolphin. This vulnerability allows applications operating within a Flatpak or AppArmor sandbox to bypass security restrictions. By exploiting the FileManager1 protocol, a malicious application can prompt users to open files, including scripts or executables, located outsid...

6.5CVSS5.3AI score0.00127EPSS

NVD•added 2026/04/28 8:16 a.m.•3 views

CVE-2026-41525

KDE Dolphin before 25.12.3 allows applications in a Flatpak or with AppArmor confinement to open folders outside of the application sandbox without additional scrutiny. Dolphin's implementation of the FileManager1 protocol allows the path given to be any type of file, including scripts or...

6.5CVSS0.00127EPSS

Exploits0References4

OSV•added 2026/04/28 8:16 a.m.•4 views

DEBIAN-CVE-2026-41525

6.5CVSS5.3AI score0.00127EPSS

OSV•added 2026/04/28 8:16 a.m.•2 views

UBUNTU-CVE-2026-41525

6.5CVSS5.8AI score0.00127EPSS

UbuntuCve•added 2026/04/28 8:16 a.m.•3 views

CVE-2026-41525

6.5CVSS5.8AI score0.00127EPSS

CNNVD•added 2026/04/28 12:0 a.m.•5 views

Dolphin 安全漏洞

Dolphin is an open-source file management and browsing tool available on the KDE GitHub Mirror. Versions of Dolphin prior to 25.12.3 contained security vulnerabilities. These vulnerabilities stemmed from allowing applications restricted by Flatpak or AppArmor to access folders outside of the...

6.5CVSS5.9AI score0.00127EPSS

Cvelist•added 2026/04/28 12:0 a.m.•29 views

CVE-2026-41525

6.5CVSS0.00127EPSS

EUVD•added 2026/04/28 12:0 a.m.•2 views

EUVD-2026-26003

6.5CVSS5.2AI score0.00127EPSS