CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

85 matches found

Apache Pinot < 1.3.0 - Authentication Bypass

This vulnerability allows remote attackers to bypass authentication on affected installations of Apache Pinot. Authentication is not required to exploit this vulnerability.The specific flaw exists within the AuthenticationFilter class. The issue results from insufficient neutralization of special...

9.8CVSS7.5AI score0.17409EPSS

Exploits0References4

Chainguard•added 2026/05/19 7:18 a.m.•8 views

CVE-2026-45300 vulnerabilities

Vulnerabilities for packages: apache-pulsar, druid, pinot-fips, pinot, tez, apache-pulsar-fips...

5.8AI score

Exploits0

Chainguard•added 2026/05/19 7:18 a.m.•6 views

GHSA-FMXF-PM6P-7XGM vulnerabilities

Vulnerabilities for packages: apache-pulsar, druid, pinot-fips, pinot, tez, apache-pulsar-fips...

5.8AI score

Exploits0

Chainguard•added 2026/05/08 1:17 p.m.•5 views

GHSA-JFG9-48MV-9QGX vulnerabilities

Vulnerabilities for packages: druid, apache-activemq-artemis, seata, hono, pinot, thingsboard, management-api-for-apache-cassandra-4.1, apache-hop, tez, management-api-for-apache-cassandra-4.0, trino, celeborn, apache-hop-fips, management-api-for-apache-cassandra-5.0...

5.8AI score

Exploits0

Chainguard•added 2026/05/08 1:17 p.m.•10 views

CVE-2026-44248 vulnerabilities

7.5CVSS6.6AI score0.00018EPSS

Exploits0

Chainguard•added 2026/05/08 1:17 p.m.•6 views

GHSA-RGRR-P7GP-5XJ7 vulnerabilities

Vulnerabilities for packages: druid, seata, thingsboard, pinot, management-api-for-apache-cassandra-4.1, apache-hop, tez, management-api-for-apache-cassandra-4.0, trino, celeborn, apache-hop-fips, management-api-for-apache-cassandra-5.0...

5.8AI score

Exploits0

Chainguard•added 2026/05/08 1:17 p.m.•8 views

CVE-2026-42586 vulnerabilities

7.1CVSS6.6AI score0.00008EPSS

Exploits1

Chainguard•added 2026/04/12 2:17 a.m.•3 views

GHSA-3PXV-7CMR-FJR4 vulnerabilities

Vulnerabilities for packages: druid, apache-activemq-artemis, pinot, ghidra, airflow, spark-fips, infinispan, celeborn, apache-pulsar-fips, apache-activemq, opensearch, tritonserver-backend-vllm-cuda-13.0, apache-pulsar, akhq, strimzi-kafka-operator, apache-hop, apache-jena-fuseki,...

5.8AI score

Exploits0

Chainguard•added 2026/04/12 2:17 a.m.•3 views

CVE-2026-34480 vulnerabilities

7.5CVSS5.8AI score0.00034EPSS

Exploits0

Chainguard•added 2026/03/27 1:18 p.m.•3 views

GHSA-W9FJ-CFPG-GRVV vulnerabilities

Vulnerabilities for packages: keycloak, druid, pinot, kayenta-fips, spark-fips, flyway-fips, infinispan, localstack, apache-pulsar-fips, opensearch, management-api-for-apache-cassandra-5.0, kafbat-ui, apache-pulsar, apicurio-registry, akhq, seata, strimzi-kafka-operator, thingsboard,...

5.8AI score

Exploits0

Chainguard•added 2026/03/27 1:18 p.m.•11 views

CVE-2026-33871 vulnerabilities

8.7CVSS6.8AI score0.00038EPSS

Exploits0

Chainguard•added 2026/03/27 7:17 a.m.•8 views

CVE-2026-33870 vulnerabilities

Vulnerabilities for packages: keycloak, druid, apache-activemq-artemis, pinot, kayenta-fips, spark-fips, flyway-fips, infinispan, celeborn, localstack, apache-pulsar-fips, opensearch, management-api-for-apache-cassandra-5.0, kafbat-ui, apache-pulsar, apicurio-registry, akhq, seata,...

7.5CVSS6.6AI score0.00028EPSS

Exploits1

Chainguard•added 2026/02/19 7:17 a.m.•3 views

CVE-2025-33042 vulnerabilities

Vulnerabilities for packages: apache-pulsar, druid, akhq, kafbat-ui-fips, pinot, wavefront-proxy, spark, logstash, apache-hop, spark-fips, celeborn, apache-hop-fips, hadoop-fips, kafbat-ui...

7.3CVSS7.2AI score0.00057EPSS

Exploits0

Chainguard•added 2026/02/19 7:17 a.m.•2 views

GHSA-RP46-R563-JRC7 vulnerabilities

Vulnerabilities for packages: apache-pulsar, druid, akhq, kafbat-ui-fips, pinot, wavefront-proxy, spark, logstash, apache-hop, spark-fips, celeborn, apache-hop-fips, hadoop-fips, kafbat-ui...

5.8AI score

Exploits0

RedhatCVE•added 2026/01/09 10:41 a.m.•4 views

CVE-2022-26112

In 0.10.0 or older versions of Apache Pinot, Pinot query endpoint and realtime ingestion layer has a vulnerability in unprotected environments due to a groovy function support. In order to avoid this, we disabled the groovy function support by default from Pinot release 0.11.0. See...

9.8CVSS6.8AI score0.01863EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-7272

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.08744EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-1594

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.03233EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-9317

Malicious code in bioql PyPI...

9.8CVSS8.9AI score0.17409EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-6919

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01863EPSS

Exploits0References5

RedhatCVE•added 2025/05/23 7:22 a.m.•6 views

CVE-2024-39676

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Pinot. This issue affects Apache Pinot: from 0.1 before 1.0.0. Users are recommended to upgrade to version 1.0.0 and configure RBAC, which fixes the issue. Details: When using a request to path “/appconfigs” to the...

7.5CVSS7.3AI score0.00347EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by