Lucene search
K

473 matches found

NVD
NVD
added last week8 views

CVE-2026-59827

Metabase is an open-source business intelligence and embedded analytics tool. Prior to 1.58.15, 1.59.12, 1.60.6.3, and 1.61.1.4, Metabase instances with an H2 database connection, including the default sample database, deserialize arbitrary Java objects returned in H2 native query result columns ...

9.9CVSS0.00457EPSS
Exploits1References6
NVD
NVD
added last week10 views

CVE-2026-59826

Metabase is an open-source business intelligence and embedded analytics tool. From 1.55.0 until 1.58.15.1, 1.59.12, 1.60.6.3, and 1.61.2, Metabase did not validate unsafe H2 connection properties on one database-creation code path, allowing an authenticated administrator to register a crafted H2...

9.1CVSS0.00391EPSS
Exploits1References6
CVE
CVE
added last week19 views

CVE-2026-59826

Metabase is an open-source BI/analytics tool. Vulnerable in versions 1.55.0 through 1.58.15.1, 1.59.12, 1.60.6.3, and 1.61.2 due to not validating unsafe H2 connection properties on a database-creation path. An authenticated administrator could register a crafted H2 database connection and execut...

9.1CVSS6.2AI score0.00391EPSS
Exploits1References6
CVE
CVE
added last week13 views

CVE-2026-59827

Metabase (open-source BI/analytics) prior to versions 1.58.15, 1.59.12, 1.60.6.3, and 1.61.1.4 is vulnerable when using an H2 database connection (including the default sample DB). The flaw allows an authenticated user who can run native H2 queries to deserialize arbitrary Java objects from H2 qu...

9.9CVSS6.2AI score0.00457EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added last week33 views

CVE-2026-59827 Metabase: Unsafe Deserialization of H2 Query Results

Metabase is an open-source business intelligence and embedded analytics tool. Prior to 1.58.15, 1.59.12, 1.60.6.3, and 1.61.1.4, Metabase instances with an H2 database connection, including the default sample database, deserialize arbitrary Java objects returned in H2 native query result columns ...

9.9CVSS0.00457EPSS
Exploits1References6
EUVD
EUVD
added last week8 views

EUVD-2026-42659

Metabase is an open-source business intelligence and embedded analytics tool. Prior to 1.58.15, 1.59.12, 1.60.6.3, and 1.61.1.4, Metabase instances with an H2 database connection, including the default sample database, deserialize arbitrary Java objects returned in H2 native query result columns ...

9.9CVSS6.2AI score0.00457EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added last week7 views

CVE-2026-59827

Metabase is an open-source business intelligence and embedded analytics tool. Prior to 1.58.15, 1.59.12, 1.60.6.3, and 1.61.1.4, Metabase instances with an H2 database connection, including the default sample database, deserialize arbitrary Java objects returned in H2 native query result columns ...

9.9CVSS6.2AI score0.00457EPSS
Exploits1References7Affected Software1
NVD
NVD
added 2026/07/08 12:17 p.m.12 views

CVE-2026-41042

Unauthenticated callers can supply a malicious H2 JDBC URL through the testConnection API, which executes arbitrary Java code on the server via H2's INIT parameter. Vulnerability in Apache Gravitino. This issue affects Apache Gravitino: before 1.2.1. Users are recommended to upgrade to version...

9.1CVSS0.00285EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/08 11:38 a.m.36 views

CVE-2026-41042 Apache Gravitino: Unauthenticated callers can supply a malicious H2 JDBC URL through the testConnection API, which executes arbitrary Java code on the server via H2's INIT parameter

Unauthenticated callers can supply a malicious H2 JDBC URL through the testConnection API, which executes arbitrary Java code on the server via H2's INIT parameter. Vulnerability in Apache Gravitino. This issue affects Apache Gravitino: before 1.2.1. Users are recommended to upgrade to version...

0.00285EPSS
Exploits0References1
CVE
CVE
added 2026/07/08 11:38 a.m.17 views

CVE-2026-41042

The CVE-2026-41042 issue affects Apache Gravitino prior to 1.2.1. Unauthenticated callers can supply a crafted H2 JDBC URL through testConnection, leading to arbitrary Java code execution on the server via H2 INIT. Exploitation is network-based with no user interaction, focused when H2 is used (c...

9.1CVSS6.2AI score0.00285EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/08 11:38 a.m.6 views

EUVD-2026-42221

Unauthenticated callers can supply a malicious H2 JDBC URL through the testConnection API, which executes arbitrary Java code on the server via H2's INIT parameter. Vulnerability in Apache Gravitino. This issue affects Apache Gravitino: before 1.2.1. Users are recommended to upgrade to version...

9.1CVSS6.2AI score0.00285EPSS
Exploits0References1
NVD
NVD
added 2026/07/07 9:17 p.m.7 views

CVE-2026-53751

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, the H2 database JDBC URL validation logic can be bypassed with special Unicode characters whose case-conversion behavior differs between DataEase validation and H2 parsing, allowing attackers to smuggle dangerous...

8.7CVSS0.00375EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/07/07 8:31 p.m.7 views

CVE-2026-53751

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, the H2 database JDBC URL validation logic can be bypassed with special Unicode characters whose case-conversion behavior differs between DataEase validation and H2 parsing, allowing attackers to smuggle dangerous...

8.7CVSS6.2AI score0.00375EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/07/07 8:31 p.m.22 views

CVE-2026-53751

CVE-2026-53751 affects DataEase prior to 2.10.24. The vulnerability arises from the H2 database JDBC URL validation being bypassable by Unicode characters whose case-conversion behavior differs between DataEase’s validation and H2 parsing, enabling an attacker to smuggle dangerous parameters (e.g...

8.7CVSS6.2AI score0.00375EPSS
Exploits0References3
OSV
OSV
added 2026/07/07 8:31 p.m.6 views

CVE-2026-53751 DataEase: H2 JDBC URL Filter Bypass Leads to Remote Code Execution (RCE)

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, the H2 database JDBC URL validation logic can be bypassed with special Unicode characters whose case-conversion behavior differs between DataEase validation and H2 parsing, allowing attackers to smuggle dangerous...

8.7CVSS6.2AI score0.00375EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/07 1:5 a.m.8 views

Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: python-urllib3: python3-urllib3+brotli-2.7.0-3.hum1 noarch python3-urllib3+h2-2.7.0-3.hum1 noarch python3-urllib3+socks-2.7.0-3.hum1 noarch python3-urllib3+zstd-2.7.0-3.hum1 noarch...

8.9CVSS5AI score0.0068EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:41 p.m.7 views

CVE-2025-11159

Hitachi Vantara Pentaho Data Integration & Analytics of all versions contain a JDBC driver for H2 databases which is vulnerable to external script execution when a new connection is created by a data source administrator...

9.1CVSS5.7AI score0.00342EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 12:4 p.m.10 views

RLSA-2026:22528 Moderate: mod_http2 security update

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers. Security Fixes: httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase CVE-2025-53020 For more details about the security issues, including the impact, a CVSS score, acknowledgments, a...

5.3CVSS5.5AI score0.04409EPSS
Exploits1References2
OSV
OSV
added 2026/06/03 2:52 p.m.6 views

ROOT-APP-PYPI-CVE-2025-57804 CVE-2025-57804 in rootio-h2 - Patched by Root

Root has patched CVE-2025-57804 in the rootio-h2 package for Root:PyPI. Multiple fixed versions available...

6.9CVSS5.4AI score0.01596EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in h2database

The org.h2.util.JdbcUtils.getConnection method of the H2 database takes the class name of the driver and the URL of the database as parameters. An attacker may pass in a JNDI driver name and a URL that points to an LDAP or RMI server, allowing for remote code execution. This vulnerability can be...

10CVSS8.8AI score0.63211EPSS
Exploits3References2
Rows per page
Query Builder