CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-21892

Parsl is a Python parallel scripting library. A SQL Injection vulnerability exists in the parsl-visualize component of versions prior to 2026.01.05. The application constructs SQL queries using unsafe string formatting (Python % operator) with user-supplied input (workflow_id) directly from URL routes. This allows an unauthenticated attacker with access to the visualization dashboard to inject arbitrary SQL commands, potentially leading to data exfiltration or denial of service against the monitoring database. Version 2026.01.05 fixes the issue.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 15.6%

CVSS Severity

CVSS v3 Score 5.3

References

Products affected by CVE-2026-21892

Uchicago » Parsl » Version: 0.1

cpe:2.3:a:uchicago:parsl:0.1
Uchicago » Parsl » Version: 0.1.2

cpe:2.3:a:uchicago:parsl:0.1.2
Uchicago » Parsl » Version: 0.2.0

cpe:2.3:a:uchicago:parsl:0.2.0
Uchicago » Parsl » Version: 0.2.1

cpe:2.3:a:uchicago:parsl:0.2.1
Uchicago » Parsl » Version: 0.2.2

cpe:2.3:a:uchicago:parsl:0.2.2
Uchicago » Parsl » Version: 0.3.0

cpe:2.3:a:uchicago:parsl:0.3.0
Uchicago » Parsl » Version: 0.3.1

cpe:2.3:a:uchicago:parsl:0.3.1
Uchicago » Parsl » Version: 0.4.0

cpe:2.3:a:uchicago:parsl:0.4.0
Uchicago » Parsl » Version: 0.4.1

cpe:2.3:a:uchicago:parsl:0.4.1
Uchicago » Parsl » Version: 0.5.0

cpe:2.3:a:uchicago:parsl:0.5.0
Uchicago » Parsl » Version: 0.5.1

cpe:2.3:a:uchicago:parsl:0.5.1
Uchicago » Parsl » Version: 0.5.2

cpe:2.3:a:uchicago:parsl:0.5.2
Uchicago » Parsl » Version: 0.6.0

cpe:2.3:a:uchicago:parsl:0.6.0
Uchicago » Parsl » Version: 0.6.1

cpe:2.3:a:uchicago:parsl:0.6.1
Uchicago » Parsl » Version: 0.6.2

cpe:2.3:a:uchicago:parsl:0.6.2
Uchicago » Parsl » Version: 0.7.0

cpe:2.3:a:uchicago:parsl:0.7.0
Uchicago » Parsl » Version: 0.7.1

cpe:2.3:a:uchicago:parsl:0.7.1
Uchicago » Parsl » Version: 0.7.2

cpe:2.3:a:uchicago:parsl:0.7.2
Uchicago » Parsl » Version: 0.8.0

cpe:2.3:a:uchicago:parsl:0.8.0
Uchicago » Parsl » Version: 0.9.0

cpe:2.3:a:uchicago:parsl:0.9.0
Uchicago » Parsl » Version: 1.0.0

cpe:2.3:a:uchicago:parsl:1.0.0
Uchicago » Parsl » Version: 1.1.0

cpe:2.3:a:uchicago:parsl:1.1.0
Uchicago » Parsl » Version: 1.2.0

cpe:2.3:a:uchicago:parsl:1.2.0
Uchicago » Parsl » Version: 1.3.0

cpe:2.3:a:uchicago:parsl:1.3.0
Uchicago » Parsl » Version: 2023.02.27

cpe:2.3:a:uchicago:parsl:2023.02.27
Uchicago » Parsl » Version: 2023.03.06

cpe:2.3:a:uchicago:parsl:2023.03.06
Uchicago » Parsl » Version: 2023.03.13

cpe:2.3:a:uchicago:parsl:2023.03.13
Uchicago » Parsl » Version: 2023.03.20

cpe:2.3:a:uchicago:parsl:2023.03.20
Uchicago » Parsl » Version: 2023.03.27

cpe:2.3:a:uchicago:parsl:2023.03.27
Uchicago » Parsl » Version: 2023.04.03

cpe:2.3:a:uchicago:parsl:2023.04.03
Uchicago » Parsl » Version: 2023.04.10

cpe:2.3:a:uchicago:parsl:2023.04.10
Uchicago » Parsl » Version: 2023.04.17

cpe:2.3:a:uchicago:parsl:2023.04.17
Uchicago » Parsl » Version: 2023.04.24

cpe:2.3:a:uchicago:parsl:2023.04.24
Uchicago » Parsl » Version: 2023.05.01

cpe:2.3:a:uchicago:parsl:2023.05.01
Uchicago » Parsl » Version: 2023.05.08

cpe:2.3:a:uchicago:parsl:2023.05.08
Uchicago » Parsl » Version: 2023.05.15

cpe:2.3:a:uchicago:parsl:2023.05.15
Uchicago » Parsl » Version: 2023.05.22

cpe:2.3:a:uchicago:parsl:2023.05.22
Uchicago » Parsl » Version: 2023.05.29

cpe:2.3:a:uchicago:parsl:2023.05.29
Uchicago » Parsl » Version: 2023.06.05

cpe:2.3:a:uchicago:parsl:2023.06.05
Uchicago » Parsl » Version: 2023.06.12

cpe:2.3:a:uchicago:parsl:2023.06.12
Uchicago » Parsl » Version: 2023.06.19

cpe:2.3:a:uchicago:parsl:2023.06.19
Uchicago » Parsl » Version: 2023.06.26

cpe:2.3:a:uchicago:parsl:2023.06.26
Uchicago » Parsl » Version: 2023.07.03

cpe:2.3:a:uchicago:parsl:2023.07.03
Uchicago » Parsl » Version: 2023.07.10

cpe:2.3:a:uchicago:parsl:2023.07.10
Uchicago » Parsl » Version: 2023.07.17

cpe:2.3:a:uchicago:parsl:2023.07.17
Uchicago » Parsl » Version: 2023.07.24

cpe:2.3:a:uchicago:parsl:2023.07.24
Uchicago » Parsl » Version: 2023.07.31

cpe:2.3:a:uchicago:parsl:2023.07.31
Uchicago » Parsl » Version: 2023.08.07

cpe:2.3:a:uchicago:parsl:2023.08.07
Uchicago » Parsl » Version: 2023.08.14

cpe:2.3:a:uchicago:parsl:2023.08.14
Uchicago » Parsl » Version: 2023.08.21

cpe:2.3:a:uchicago:parsl:2023.08.21
Uchicago » Parsl » Version: 2023.08.28

cpe:2.3:a:uchicago:parsl:2023.08.28
Uchicago » Parsl » Version: 2023.09.04

cpe:2.3:a:uchicago:parsl:2023.09.04
Uchicago » Parsl » Version: 2023.09.11

cpe:2.3:a:uchicago:parsl:2023.09.11
Uchicago » Parsl » Version: 2023.09.18

cpe:2.3:a:uchicago:parsl:2023.09.18
Uchicago » Parsl » Version: 2023.09.25

cpe:2.3:a:uchicago:parsl:2023.09.25
Uchicago » Parsl » Version: 2023.10.02

cpe:2.3:a:uchicago:parsl:2023.10.02
Uchicago » Parsl » Version: 2023.10.09

cpe:2.3:a:uchicago:parsl:2023.10.09
Uchicago » Parsl » Version: 2023.10.16

cpe:2.3:a:uchicago:parsl:2023.10.16
Uchicago » Parsl » Version: 2023.10.23

cpe:2.3:a:uchicago:parsl:2023.10.23
Uchicago » Parsl » Version: 2023.11.13

cpe:2.3:a:uchicago:parsl:2023.11.13
Uchicago » Parsl » Version: 2023.11.20

cpe:2.3:a:uchicago:parsl:2023.11.20
Uchicago » Parsl » Version: 2023.11.27

cpe:2.3:a:uchicago:parsl:2023.11.27
Uchicago » Parsl » Version: 2023.12.04

cpe:2.3:a:uchicago:parsl:2023.12.04
Uchicago » Parsl » Version: 2023.12.11

cpe:2.3:a:uchicago:parsl:2023.12.11
Uchicago » Parsl » Version: 2023.12.18

cpe:2.3:a:uchicago:parsl:2023.12.18
Uchicago » Parsl » Version: 2023.12.25

cpe:2.3:a:uchicago:parsl:2023.12.25
Uchicago » Parsl » Version: 2024.01.01

cpe:2.3:a:uchicago:parsl:2024.01.01
Uchicago » Parsl » Version: 2024.01.08

cpe:2.3:a:uchicago:parsl:2024.01.08
Uchicago » Parsl » Version: 2024.01.15

cpe:2.3:a:uchicago:parsl:2024.01.15
Uchicago » Parsl » Version: 2024.01.22

cpe:2.3:a:uchicago:parsl:2024.01.22
Uchicago » Parsl » Version: 2024.01.29

cpe:2.3:a:uchicago:parsl:2024.01.29
Uchicago » Parsl » Version: 2024.02.05

cpe:2.3:a:uchicago:parsl:2024.02.05
Uchicago » Parsl » Version: 2024.02.12

cpe:2.3:a:uchicago:parsl:2024.02.12
Uchicago » Parsl » Version: 2024.02.19

cpe:2.3:a:uchicago:parsl:2024.02.19
Uchicago » Parsl » Version: 2024.02.26

cpe:2.3:a:uchicago:parsl:2024.02.26
Uchicago » Parsl » Version: 2024.03.04

cpe:2.3:a:uchicago:parsl:2024.03.04
Uchicago » Parsl » Version: 2024.03.11

cpe:2.3:a:uchicago:parsl:2024.03.11
Uchicago » Parsl » Version: 2024.03.18

cpe:2.3:a:uchicago:parsl:2024.03.18
Uchicago » Parsl » Version: 2024.03.25

cpe:2.3:a:uchicago:parsl:2024.03.25
Uchicago » Parsl » Version: 2024.04.01

cpe:2.3:a:uchicago:parsl:2024.04.01
Uchicago » Parsl » Version: 2024.04.08

cpe:2.3:a:uchicago:parsl:2024.04.08
Uchicago » Parsl » Version: 2024.04.15

cpe:2.3:a:uchicago:parsl:2024.04.15
Uchicago » Parsl » Version: 2024.04.22

cpe:2.3:a:uchicago:parsl:2024.04.22
Uchicago » Parsl » Version: 2024.04.29

cpe:2.3:a:uchicago:parsl:2024.04.29
Uchicago » Parsl » Version: 2024.05.06

cpe:2.3:a:uchicago:parsl:2024.05.06
Uchicago » Parsl » Version: 2024.05.13

cpe:2.3:a:uchicago:parsl:2024.05.13
Uchicago » Parsl » Version: 2024.05.20

cpe:2.3:a:uchicago:parsl:2024.05.20
Uchicago » Parsl » Version: 2024.05.27

cpe:2.3:a:uchicago:parsl:2024.05.27
Uchicago » Parsl » Version: 2024.06.03

cpe:2.3:a:uchicago:parsl:2024.06.03
Uchicago » Parsl » Version: 2024.06.10

cpe:2.3:a:uchicago:parsl:2024.06.10
Uchicago » Parsl » Version: 2024.06.17

cpe:2.3:a:uchicago:parsl:2024.06.17
Uchicago » Parsl » Version: 2024.06.24

cpe:2.3:a:uchicago:parsl:2024.06.24
Uchicago » Parsl » Version: 2024.07.01

cpe:2.3:a:uchicago:parsl:2024.07.01
Uchicago » Parsl » Version: 2024.07.08

cpe:2.3:a:uchicago:parsl:2024.07.08
Uchicago » Parsl » Version: 2024.07.15

cpe:2.3:a:uchicago:parsl:2024.07.15
Uchicago » Parsl » Version: 2024.07.22

cpe:2.3:a:uchicago:parsl:2024.07.22
Uchicago » Parsl » Version: 2024.07.29

cpe:2.3:a:uchicago:parsl:2024.07.29
Uchicago » Parsl » Version: 2024.08.05

cpe:2.3:a:uchicago:parsl:2024.08.05
Uchicago » Parsl » Version: 2024.08.12

cpe:2.3:a:uchicago:parsl:2024.08.12
Uchicago » Parsl » Version: 2024.08.19

cpe:2.3:a:uchicago:parsl:2024.08.19
Uchicago » Parsl » Version: 2024.08.26

cpe:2.3:a:uchicago:parsl:2024.08.26
Uchicago » Parsl » Version: 2024.09.02

cpe:2.3:a:uchicago:parsl:2024.09.02
Uchicago » Parsl » Version: 2024.09.09

cpe:2.3:a:uchicago:parsl:2024.09.09
Uchicago » Parsl » Version: 2024.09.16

cpe:2.3:a:uchicago:parsl:2024.09.16
Uchicago » Parsl » Version: 2024.09.23

cpe:2.3:a:uchicago:parsl:2024.09.23
Uchicago » Parsl » Version: 2024.09.30

cpe:2.3:a:uchicago:parsl:2024.09.30
Uchicago » Parsl » Version: 2024.10.07

cpe:2.3:a:uchicago:parsl:2024.10.07
Uchicago » Parsl » Version: 2024.10.14

cpe:2.3:a:uchicago:parsl:2024.10.14
Uchicago » Parsl » Version: 2024.10.21

cpe:2.3:a:uchicago:parsl:2024.10.21
Uchicago » Parsl » Version: 2024.10.28

cpe:2.3:a:uchicago:parsl:2024.10.28
Uchicago » Parsl » Version: 2024.11.04

cpe:2.3:a:uchicago:parsl:2024.11.04
Uchicago » Parsl » Version: 2024.11.11

cpe:2.3:a:uchicago:parsl:2024.11.11
Uchicago » Parsl » Version: 2024.11.18

cpe:2.3:a:uchicago:parsl:2024.11.18
Uchicago » Parsl » Version: 2024.11.25

cpe:2.3:a:uchicago:parsl:2024.11.25
Uchicago » Parsl » Version: 2024.12.02

cpe:2.3:a:uchicago:parsl:2024.12.02
Uchicago » Parsl » Version: 2024.12.09

cpe:2.3:a:uchicago:parsl:2024.12.09
Uchicago » Parsl » Version: 2024.12.16

cpe:2.3:a:uchicago:parsl:2024.12.16
Uchicago » Parsl » Version: 2024.12.23

cpe:2.3:a:uchicago:parsl:2024.12.23
Uchicago » Parsl » Version: 2024.12.30

cpe:2.3:a:uchicago:parsl:2024.12.30
Uchicago » Parsl » Version: 2025.01.06

cpe:2.3:a:uchicago:parsl:2025.01.06
Uchicago » Parsl » Version: 2025.01.13

cpe:2.3:a:uchicago:parsl:2025.01.13
Uchicago » Parsl » Version: 2025.01.20

cpe:2.3:a:uchicago:parsl:2025.01.20
Uchicago » Parsl » Version: 2025.01.27

cpe:2.3:a:uchicago:parsl:2025.01.27
Uchicago » Parsl » Version: 2025.02.03

cpe:2.3:a:uchicago:parsl:2025.02.03
Uchicago » Parsl » Version: 2025.02.10

cpe:2.3:a:uchicago:parsl:2025.02.10
Uchicago » Parsl » Version: 2025.02.17

cpe:2.3:a:uchicago:parsl:2025.02.17
Uchicago » Parsl » Version: 2025.02.24

cpe:2.3:a:uchicago:parsl:2025.02.24
Uchicago » Parsl » Version: 2025.03.03

cpe:2.3:a:uchicago:parsl:2025.03.03
Uchicago » Parsl » Version: 2025.03.10

cpe:2.3:a:uchicago:parsl:2025.03.10
Uchicago » Parsl » Version: 2025.03.17

cpe:2.3:a:uchicago:parsl:2025.03.17
Uchicago » Parsl » Version: 2025.03.24

cpe:2.3:a:uchicago:parsl:2025.03.24
Uchicago » Parsl » Version: 2025.03.31

cpe:2.3:a:uchicago:parsl:2025.03.31
Uchicago » Parsl » Version: 2025.04.07

cpe:2.3:a:uchicago:parsl:2025.04.07
Uchicago » Parsl » Version: 2025.04.14

cpe:2.3:a:uchicago:parsl:2025.04.14
Uchicago » Parsl » Version: 2025.04.21

cpe:2.3:a:uchicago:parsl:2025.04.21
Uchicago » Parsl » Version: 2025.04.28

cpe:2.3:a:uchicago:parsl:2025.04.28
Uchicago » Parsl » Version: 2025.05.05

cpe:2.3:a:uchicago:parsl:2025.05.05
Uchicago » Parsl » Version: 2025.05.12

cpe:2.3:a:uchicago:parsl:2025.05.12
Uchicago » Parsl » Version: 2025.05.19

cpe:2.3:a:uchicago:parsl:2025.05.19
Uchicago » Parsl » Version: 2025.05.26

cpe:2.3:a:uchicago:parsl:2025.05.26
Uchicago » Parsl » Version: 2025.06.02

cpe:2.3:a:uchicago:parsl:2025.06.02
Uchicago » Parsl » Version: 2025.06.09

cpe:2.3:a:uchicago:parsl:2025.06.09
Uchicago » Parsl » Version: 2025.06.16

cpe:2.3:a:uchicago:parsl:2025.06.16
Uchicago » Parsl » Version: 2025.06.23

cpe:2.3:a:uchicago:parsl:2025.06.23
Uchicago » Parsl » Version: 2025.06.30

cpe:2.3:a:uchicago:parsl:2025.06.30
Uchicago » Parsl » Version: 2025.07.07

cpe:2.3:a:uchicago:parsl:2025.07.07
Uchicago » Parsl » Version: 2025.07.14

cpe:2.3:a:uchicago:parsl:2025.07.14
Uchicago » Parsl » Version: 2025.07.21

cpe:2.3:a:uchicago:parsl:2025.07.21
Uchicago » Parsl » Version: 2025.07.28

cpe:2.3:a:uchicago:parsl:2025.07.28
Uchicago » Parsl » Version: 2025.08.04

cpe:2.3:a:uchicago:parsl:2025.08.04
Uchicago » Parsl » Version: 2025.08.11

cpe:2.3:a:uchicago:parsl:2025.08.11
Uchicago » Parsl » Version: 2025.08.18

cpe:2.3:a:uchicago:parsl:2025.08.18
Uchicago » Parsl » Version: 2025.08.25

cpe:2.3:a:uchicago:parsl:2025.08.25
Uchicago » Parsl » Version: 2025.09.01

cpe:2.3:a:uchicago:parsl:2025.09.01
Uchicago » Parsl » Version: 2025.09.08

cpe:2.3:a:uchicago:parsl:2025.09.08
Uchicago » Parsl » Version: 2025.09.15

cpe:2.3:a:uchicago:parsl:2025.09.15
Uchicago » Parsl » Version: 2025.09.22

cpe:2.3:a:uchicago:parsl:2025.09.22
Uchicago » Parsl » Version: 2025.09.29

cpe:2.3:a:uchicago:parsl:2025.09.29
Uchicago » Parsl » Version: 2025.10.06

cpe:2.3:a:uchicago:parsl:2025.10.06
Uchicago » Parsl » Version: 2025.10.13

cpe:2.3:a:uchicago:parsl:2025.10.13
Uchicago » Parsl » Version: 2025.10.20

cpe:2.3:a:uchicago:parsl:2025.10.20
Uchicago » Parsl » Version: 2025.10.27

cpe:2.3:a:uchicago:parsl:2025.10.27
Uchicago » Parsl » Version: 2025.11.03

cpe:2.3:a:uchicago:parsl:2025.11.03
Uchicago » Parsl » Version: 2025.11.10

cpe:2.3:a:uchicago:parsl:2025.11.10
Uchicago » Parsl » Version: 2025.11.17

cpe:2.3:a:uchicago:parsl:2025.11.17
Uchicago » Parsl » Version: 2025.11.24

cpe:2.3:a:uchicago:parsl:2025.11.24
Uchicago » Parsl » Version: 2025.12.08

cpe:2.3:a:uchicago:parsl:2025.12.08
Uchicago » Parsl » Version: 2025.12.1

cpe:2.3:a:uchicago:parsl:2025.12.1
Uchicago » Parsl » Version: 2025.12.15

cpe:2.3:a:uchicago:parsl:2025.12.15
Uchicago » Parsl » Version: 2025.12.22

cpe:2.3:a:uchicago:parsl:2025.12.22
Uchicago » Parsl » Version: 2025.12.29

cpe:2.3:a:uchicago:parsl:2025.12.29

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-21892

Products

Pricing

Contact Us