H2O ImportFiles - Local File Inclusion

An attacker is able to read any file on the server hosting the H2O dashboard without any authentication. id: CVE-2023-6038 info: name: H2O ImportFiles - Local File Inclusion author: danmcinerney,byt3bl33d3r severity: high description: | An attacker is able to read any file on the server hosting t...

FreeBSD : h2o -- heap overrun parsing zero-length SNI (fba766f4-ccda-4e1b-8875-ab857c6a6532)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the fba766f4-ccda-4e1b-8875-ab857c6a6532 advisory. h2o project reports: When h2o receives a TLS or QUIC ClientHello containing a zero-length SNI extension...

FreeBSD : h2o -- HTTP/2 state amplification denial of service (35c57495-2231-4733-a66e-044f3dad8b21)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 35c57495-2231-4733-a66e-044f3dad8b21 advisory. h2o project reports: An HTTP/2 attack can combine HPACK decompression state amplification with stalled...

FreeBSD : h2o -- stack overflow serving static files on musl libc (644d5e6c-1bd9-4904-8440-16c04100a2e1)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 644d5e6c-1bd9-4904-8440-16c04100a2e1 advisory. h2o project reports: When serving static files, h2o can allocate a file path on the stack using alloca...

ai.chronon:service_2.11 (>=0.0.86 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91), ai.chronon:service_2.12 (>=0.0.86 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91) +2483 more potentially affected by CVE-2026-46340 via io.netty:netty-transport-sctp (>=4.0.0.Beta1 <=4.1.134.Final)

io.netty:netty-transport-sctp MAVEN version =4.0.0.Beta1, =0.0.86, =0.0.86, =0.0.86, =3.30.1.1, =3.10.0.5, =0.2.3.5, =0.0.1, =2.0.24, =1.1.9, =0.3.36, =0.3.39 and more Source cves: CVE-2026-46340 Source advisory: OSV:GHSA-5XRH-QMMQ-W6CH...

ai.h2o:h2o-algos (=0.1.9), ai.h2o:h2o-app (=0.1.9) +2025 more potentially affected by CVE-2026-45536 via io.netty:netty-transport-native-kqueue (>=4.1.11.Final <=4.1.134.Final)

io.netty:netty-transport-native-kqueue MAVEN version =4.1.11.Final, =3.30.1.1, =3.10.0.5, =0.2.3.5, =2.4.0, =1.5.0, =3.0.0, =3.0.0, =1.0.3, =4.4.0, =4.7.3 and more Source cves: CVE-2026-45536 Source advisory: OSV:GHSA-W573-9FFJ-6FF9...

CVE-2026-3960

A critical remote code execution vulnerability exists in the unauthenticated REST API endpoint /99/ImportSQLTable in H2O-3 version 3.46.0.9 and prior. The vulnerability arises due to insufficient security controls in the parameter blacklist mechanism, which only targets MySQL JDBC driver-specific...

h2o-notebook (>=0.3.0 <=0.4.1) potentially affected by CVE-2026-44182 via jupyter-enterprise-gateway (=3.2.2)

jupyter-enterprise-gateway PYPI version =3.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on jupyter-enterprise-gateway and may be impacted: - h2o-notebook =0.3.0, =0.4.1 Source cves: CVE-2026-44182 Source advisory: OSV:GHSA-CFW7-6C5V-2WJQ...

h2o-notebook (>=0.3.0 <=0.4.1) potentially affected by CVE-2026-44181 via jupyter-enterprise-gateway (=3.2.2)

jupyter-enterprise-gateway PYPI version =3.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on jupyter-enterprise-gateway and may be impacted: - h2o-notebook =0.3.0, =0.4.1 Source cves: CVE-2026-44181 Source advisory: OSV:GHSA-F49J-V924-FX9W...

h2o-notebook (>=0.3.0 <=0.4.1) potentially affected by CVE-2026-44180 via jupyter-enterprise-gateway (=3.2.2)

jupyter-enterprise-gateway PYPI version =3.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on jupyter-enterprise-gateway and may be impacted: - h2o-notebook =0.3.0, =0.4.1 Source cves: CVE-2026-44180 Source advisory: OSV:GHSA-CHQ7-94J8-CJ28...

CVE-2026-8751

A security flaw has been discovered in h2oai h2o-3 up to 7402. This affects the function importBinaryModel of the file h2o-core/src/main/java/hex/Model.java of the component JAR Handler. Performing a manipulation results in deserialization. The attack is possible to be carried out remotely. The...

CVE-2026-8750

A vulnerability was identified in h2oai h2o-3 up to 7402. Affected by this issue is the function importFiles of the file h2o-core/src/main/java/water/persist/PersistNFS.java of the component ImportFile API. Such manipulation leads to information disclosure. The attack can be executed remotely. Th...

CVE-2026-8752

A weakness has been identified in h2oai h2o-3 up to 7402. This vulnerability affects the function exec of the file h2o-core/src/main/java/water/rapids/ast/prims/misc/AstSetProperty.java of the component Rapids setproperty Primitive Handler. Executing a manipulation can lead to improper access...

ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.46.0.11), ai.h2o:h2o-algos (>=0.1.9 <=3.46.0.11) +49 more potentially affected by CVE-2026-8750 via ai.h2o:h2o-core (>=0.1.10 <=3.8.3.4)

ai.h2o:h2o-core MAVEN version =0.1.10, =3.34.0.1, =0.1.9, =0.1.9, =3.12.0.1, =3.8.2.4, =3.14.0.7, =3.16.0.1, =3.14.0.1, =3.24.0.1, =3.30.1.1, =3.26.0.4, =3.10.5.1, =3.24.0.1, =3.30.0.1, =3.34.0.3, =3.46.0.11 and more Source cves: CVE-2026-8750 Source advisory: SNYK:JAVA-AIH2O-17191772...

ai.h2o:h2o-admissibleml (>=3.34.0.1 <=3.46.0.11), ai.h2o:h2o-algos (>=0.1.9 <=3.46.0.11) +49 more potentially affected by CVE-2026-8751 via ai.h2o:h2o-core (>=0.1.10 <=3.8.3.4)

ai.h2o:h2o-core MAVEN version =0.1.10, =3.34.0.1, =0.1.9, =0.1.9, =3.12.0.1, =3.8.2.4, =3.14.0.7, =3.16.0.1, =3.14.0.1, =3.24.0.1, =3.30.1.1, =3.26.0.4, =3.10.5.1, =3.24.0.1, =3.30.0.1, =3.34.0.3, =3.46.0.11 and more Source cves: CVE-2026-8751 Source advisory: SNYK:JAVA-AIH2O-17191958...

CVE-2026-8752

A weakness has been identified in h2oai h2o-3 up to 7402. This vulnerability affects the function exec of the file h2o-core/src/main/java/water/rapids/ast/prims/misc/AstSetProperty.java of the component Rapids setproperty Primitive Handler. Executing a manipulation can lead to improper access...

CVE-2026-8751

A security flaw has been discovered in h2oai h2o-3 up to 7402. This affects the function importBinaryModel of the file h2o-core/src/main/java/hex/Model.java of the component JAR Handler. Performing a manipulation results in deserialization. The attack is possible to be carried out remotely. The...

EUVD-2026-30699

A weakness has been identified in h2oai h2o-3 up to 7402. This vulnerability affects the function exec of the file h2o-core/src/main/java/water/rapids/ast/prims/misc/AstSetProperty.java of the component Rapids setproperty Primitive Handler. Executing a manipulation can lead to improper access...

CVE-2026-8752 h2oai h2o-3 Rapids setproperty Primitive AstSetProperty.java exec access control

A weakness has been identified in h2oai h2o-3 up to 7402. This vulnerability affects the function exec of the file h2o-core/src/main/java/water/rapids/ast/prims/misc/AstSetProperty.java of the component Rapids setproperty Primitive Handler. Executing a manipulation can lead to improper access...

CVE-2026-8752 h2oai h2o-3 Rapids setproperty Primitive AstSetProperty.java exec access control

A weakness has been identified in h2oai h2o-3 up to 7402. This vulnerability affects the function exec of the file h2o-core/src/main/java/water/rapids/ast/prims/misc/AstSetProperty.java of the component Rapids setproperty Primitive Handler. Executing a manipulation can lead to improper access...