CVE-2026-27478 Unity Catalog has a JWT Issuer Validation Bypass Allows Complete User Impersonation
Unity Catalog is an open, multi-modal Catalog for data and AI. In 0.4.0 and earlier, a critical authentication bypass vulnerability exists in the Unity Catalog token exchange endpoint /api/1.0/unity-control/auth/tokens. The endpoint extracts the issuer iss claim from incoming JWTs and uses it to...
CVE-2026-27478
Unity Catalog is an open, multi-modal Catalog for data and AI. In 0.4.0 and earlier, a critical authentication bypass vulnerability exists in the Unity Catalog token exchange endpoint /api/1.0/unity-control/auth/tokens. The endpoint extracts the issuer iss claim from incoming JWTs and uses it to...
CVE-2026-27478
CVE-2026-27478 relates to Unity Catalog (0.4.0 and earlier). The vulnerability is a critical authentication bypass in the token exchange endpoint at /api/1.0/unity-control/auth/tokens, where the issuer (iss) claim from incoming JWTs is used to dynamically fetch the JWKS endpoint for signature val...
PT-2026-24800
Name of the Vulnerable Software and Affected Versions Unity Catalog versions 0.4.0 and earlier Description Unity Catalog is an open, multi-modal Catalog for data and AI. A critical authentication bypass exists in the Unity Catalog token exchange endpoint, /api/1.0/unity-control/auth/tokens. The...
Unity Catalog Security Vulnerability
Unity Catalog is an open-source multi-modal data and AI asset governance directory developed by unitycatalog. Versions of Unity Catalog prior to 0.4.0 contain security vulnerabilities; these vulnerabilities stem from authentication bypass exploits, which could allow attackers to circumvent...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: rubygem-rack (UTSA-2026-005939)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005939 advisory. Rack is a modular Ruby web server interface. The Rack::Sendfile middleware logs unsanitised header values from the X-Sendfile-Type header. An attacker can exploit th...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: iperf3 (UTSA-2026-005934)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005934 advisory. In iperf before 3.19.1, iperfauth.c has an off-by-one error and resultant heap-based buffer overflow. Tenable has extracted the preceding description block directly...
Unity Linux 20.1070e Security Update: xorg-x11-server (UTSA-2026-005924)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005924 advisory. A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcXFixesCreatePointerBarrier function...
Unity Linux 20.1070e Security Update: xorg-x11-server (UTSA-2026-005921)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005921 advisory. A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Out-Of-Bounds access in XkbSetNames function may lead to a privilege escalation vulnerability. The...
Unity Linux 20.1070e Security Update: xorg-x11-server (UTSA-2026-005927)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005927 advisory. A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The highest...
Unity Linux 20.1070e Security Update: xorg-x11-server (UTSA-2026-005929)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005929 advisory. A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with...
Unity Linux 20.1070e Security Update: xorg-x11-server (UTSA-2026-005923)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005923 advisory. A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerabilit...
Unity Linux 20.1070e Security Update: xorg-x11-server (UTSA-2026-005920)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005920 advisory. A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerabilit...
Unity Linux 20.1070e Security Update: xorg-x11-server (UTSA-2026-005926)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005926 advisory. A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcRenderCompositeGlyphs function. The...
Unity Linux 20.1070e Security Update: xorg-x11-server (UTSA-2026-005919)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005919 advisory. A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of...
Unity Linux 20.1070e Security Update: xorg-x11-server (UTSA-2026-005922)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005922 advisory. A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest...
Unity Linux 20.1070e Security Update: xorg-x11-server (UTSA-2026-005928)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005928 advisory. A flaw was found in xorg-x11-server before 1.20.10. A heap-buffer overflow in XkbSetDeviceInfo may lead to a privilege escalation vulnerability. The highest threat...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-tornado (UTSA-2026-005911)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005911 advisory. Tornado is a Python web framework and asynchronous networking library. Versions 6.5.2 and below use an inefficient algorithm when parsing parameters for HTTP header...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-tornado (UTSA-2026-005912)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005912 advisory. Tornado is a Python web framework and asynchronous networking library. In versions 6.5.2 and below, a single maliciously crafted HTTP request can block the server's...