Lucene search
K

6 matches found

NVD
NVD
added 2026/06/01 9:16 a.m.17 views

CVE-2026-49298

A bug in Apache Airflow's KubernetesExecutor caused JWT tokens used by worker pods to authenticate against the Execution API to be passed to the worker container as command-line arguments visible in the pod spec. An authenticated UI/API user with Kubernetes read-only access to the cluster e.g...

8.8CVSS0.00488EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/11 9:5 p.m.29 views

CVE-2026-26010 Leaky JWTs in OpenMetadata exposing highly-privileged bot users

OpenMetadata is a unified metadata platform. Prior to 1.11.8, calls issued by the UI against /api/v1/ingestionPipelines leak JWTs used by ingestion-bot for certain services Glue / Redshift / Postgres. Any read-only user can gain access to a highly privileged account, typically which has the...

7.6CVSS0.00331EPSS
Exploits1References2
OSV
OSV
added 2026/02/11 9:5 p.m.7 views

CVE-2026-26010 Leaky JWTs in OpenMetadata exposing highly-privileged bot users

OpenMetadata is a unified metadata platform. Prior to 1.11.8, calls issued by the UI against /api/v1/ingestionPipelines leak JWTs used by ingestion-bot for certain services Glue / Redshift / Postgres. Any read-only user can gain access to a highly privileged account, typically which has the...

7.6CVSS5.5AI score0.00331EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/02/11 2:23 p.m.10 views

Leaky JWTs in OpenMetadata exposing highly-privileged bot users

Summary Calls issued by the UI against /api/v1/ingestionPipelines leak JWTs used by ingestion-bot for certain services Glue / Redshift / Postgres Details Any read-only user can gain access to a highly privileged account, typically which has the Ingestion Bot Role. This enables destructive changes...

7.6CVSS5.5AI score0.00331EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2021/05/21 4:24 p.m.30 views

GHSA-35VC-W93W-75C2 JWT leak via Open Redirect in Programmatic access

Impact Using programmatic access on protected sites, one can get a signed login URL with pomeriumredirecturi set to an arbitrary URL. Then, if the user has already logged into Pomerium, they will be redirected to the specified pomeriumredirecturi with a JWT attached. This allows an outside attack...

6.3CVSS6.1AI score0.00658EPSS
Exploits0References3
Veracode
Veracode
added 2021/04/05 5:48 a.m.22 views

Open Redirect

github.com/pomerium/pomerium is vulnerable to open redirect. When using programmatic login, it does not restrict a signed login URL to redirect a victim to the attacker’s site and eventually can cause a JWT leakage...

6.1CVSS2.4AI score0.00658EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder