CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-26010

OpenMetadata is a unified metadata platform. Prior to 1.11.8, calls issued by the UI against /api/v1/ingestionPipelines leak JWTs used by ingestion-bot for certain services (Glue / Redshift / Postgres). Any read-only user can gain access to a highly privileged account, typically which has the Ingestion Bot Role. This enables destructive changes in OpenMetadata instances, and potential data leakage (e.g. sample data, or service metadata which would be unavailable per roles/policies). This vulnerability is fixed in 1.11.8.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 1.6%

CVSS Severity

CVSS v3 Score 7.6

References

Products affected by CVE-2026-26010

Open-Metadata » Openmetadata » Version: 0.10.0

cpe:2.3:a:open-metadata:openmetadata:0.10.0
Open-Metadata » Openmetadata » Version: 0.10.1

cpe:2.3:a:open-metadata:openmetadata:0.10.1
Open-Metadata » Openmetadata » Version: 0.10.2

cpe:2.3:a:open-metadata:openmetadata:0.10.2
Open-Metadata » Openmetadata » Version: 0.10.3

cpe:2.3:a:open-metadata:openmetadata:0.10.3
Open-Metadata » Openmetadata » Version: 0.10.4

cpe:2.3:a:open-metadata:openmetadata:0.10.4
Open-Metadata » Openmetadata » Version: 0.11.0

cpe:2.3:a:open-metadata:openmetadata:0.11.0
Open-Metadata » Openmetadata » Version: 0.11.1

cpe:2.3:a:open-metadata:openmetadata:0.11.1
Open-Metadata » Openmetadata » Version: 0.11.2

cpe:2.3:a:open-metadata:openmetadata:0.11.2
Open-Metadata » Openmetadata » Version: 0.11.3

cpe:2.3:a:open-metadata:openmetadata:0.11.3
Open-Metadata » Openmetadata » Version: 0.11.4

cpe:2.3:a:open-metadata:openmetadata:0.11.4
Open-Metadata » Openmetadata » Version: 0.11.5

cpe:2.3:a:open-metadata:openmetadata:0.11.5
Open-Metadata » Openmetadata » Version: 0.12.0

cpe:2.3:a:open-metadata:openmetadata:0.12.0
Open-Metadata » Openmetadata » Version: 0.12.1

cpe:2.3:a:open-metadata:openmetadata:0.12.1
Open-Metadata » Openmetadata » Version: 0.12.2

cpe:2.3:a:open-metadata:openmetadata:0.12.2
Open-Metadata » Openmetadata » Version: 0.12.3

cpe:2.3:a:open-metadata:openmetadata:0.12.3
Open-Metadata » Openmetadata » Version: 0.13.0

cpe:2.3:a:open-metadata:openmetadata:0.13.0
Open-Metadata » Openmetadata » Version: 0.13.1

cpe:2.3:a:open-metadata:openmetadata:0.13.1
Open-Metadata » Openmetadata » Version: 0.13.2

cpe:2.3:a:open-metadata:openmetadata:0.13.2
Open-Metadata » Openmetadata » Version: 0.13.2beta

cpe:2.3:a:open-metadata:openmetadata:0.13.2beta
Open-Metadata » Openmetadata » Version: 0.13.3

cpe:2.3:a:open-metadata:openmetadata:0.13.3
Open-Metadata » Openmetadata » Version: 0.13.4

cpe:2.3:a:open-metadata:openmetadata:0.13.4
Open-Metadata » Openmetadata » Version: 0.3.0

cpe:2.3:a:open-metadata:openmetadata:0.3.0
Open-Metadata » Openmetadata » Version: 0.3.1

cpe:2.3:a:open-metadata:openmetadata:0.3.1
Open-Metadata » Openmetadata » Version: 0.4.0

cpe:2.3:a:open-metadata:openmetadata:0.4.0
Open-Metadata » Openmetadata » Version: 0.5.0

cpe:2.3:a:open-metadata:openmetadata:0.5.0
Open-Metadata » Openmetadata » Version: 0.6.0

cpe:2.3:a:open-metadata:openmetadata:0.6.0
Open-Metadata » Openmetadata » Version: 0.7.0

cpe:2.3:a:open-metadata:openmetadata:0.7.0
Open-Metadata » Openmetadata » Version: 0.7.1

cpe:2.3:a:open-metadata:openmetadata:0.7.1
Open-Metadata » Openmetadata » Version: 0.8.0

cpe:2.3:a:open-metadata:openmetadata:0.8.0
Open-Metadata » Openmetadata » Version: 0.8.1

cpe:2.3:a:open-metadata:openmetadata:0.8.1
Open-Metadata » Openmetadata » Version: 0.8.2

cpe:2.3:a:open-metadata:openmetadata:0.8.2
Open-Metadata » Openmetadata » Version: 0.8.3

cpe:2.3:a:open-metadata:openmetadata:0.8.3
Open-Metadata » Openmetadata » Version: 0.8.4

cpe:2.3:a:open-metadata:openmetadata:0.8.4
Open-Metadata » Openmetadata » Version: 0.9.0

cpe:2.3:a:open-metadata:openmetadata:0.9.0
Open-Metadata » Openmetadata » Version: 0.9.1

cpe:2.3:a:open-metadata:openmetadata:0.9.1
Open-Metadata » Openmetadata » Version: 1.0.0

cpe:2.3:a:open-metadata:openmetadata:1.0.0
Open-Metadata » Openmetadata » Version: 1.0.0alpha

cpe:2.3:a:open-metadata:openmetadata:1.0.0alpha
Open-Metadata » Openmetadata » Version: 1.0.0beta

cpe:2.3:a:open-metadata:openmetadata:1.0.0beta
Open-Metadata » Openmetadata » Version: 1.0.1

cpe:2.3:a:open-metadata:openmetadata:1.0.1
Open-Metadata » Openmetadata » Version: 1.0.2

cpe:2.3:a:open-metadata:openmetadata:1.0.2
Open-Metadata » Openmetadata » Version: 1.0.3

cpe:2.3:a:open-metadata:openmetadata:1.0.3
Open-Metadata » Openmetadata » Version: 1.0.4

cpe:2.3:a:open-metadata:openmetadata:1.0.4
Open-Metadata » Openmetadata » Version: 1.0.5

cpe:2.3:a:open-metadata:openmetadata:1.0.5
Open-Metadata » Openmetadata » Version: 1.1.0

cpe:2.3:a:open-metadata:openmetadata:1.1.0
Open-Metadata » Openmetadata » Version: 1.1.0beta

cpe:2.3:a:open-metadata:openmetadata:1.1.0beta
Open-Metadata » Openmetadata » Version: 1.1.1

cpe:2.3:a:open-metadata:openmetadata:1.1.1
Open-Metadata » Openmetadata » Version: 1.1.2

cpe:2.3:a:open-metadata:openmetadata:1.1.2
Open-Metadata » Openmetadata » Version: 1.1.2.1

cpe:2.3:a:open-metadata:openmetadata:1.1.2.1
Open-Metadata » Openmetadata » Version: 1.1.3

cpe:2.3:a:open-metadata:openmetadata:1.1.3
Open-Metadata » Openmetadata » Version: 1.1.4

cpe:2.3:a:open-metadata:openmetadata:1.1.4
Open-Metadata » Openmetadata » Version: 1.1.5

cpe:2.3:a:open-metadata:openmetadata:1.1.5
Open-Metadata » Openmetadata » Version: 1.1.6

cpe:2.3:a:open-metadata:openmetadata:1.1.6
Open-Metadata » Openmetadata » Version: 1.1.7

cpe:2.3:a:open-metadata:openmetadata:1.1.7
Open-Metadata » Openmetadata » Version: 1.10.0

cpe:2.3:a:open-metadata:openmetadata:1.10.0
Open-Metadata » Openmetadata » Version: 1.10.1

cpe:2.3:a:open-metadata:openmetadata:1.10.1
Open-Metadata » Openmetadata » Version: 1.10.10

cpe:2.3:a:open-metadata:openmetadata:1.10.10
Open-Metadata » Openmetadata » Version: 1.10.11

cpe:2.3:a:open-metadata:openmetadata:1.10.11
Open-Metadata » Openmetadata » Version: 1.10.12

cpe:2.3:a:open-metadata:openmetadata:1.10.12
Open-Metadata » Openmetadata » Version: 1.10.13

cpe:2.3:a:open-metadata:openmetadata:1.10.13
Open-Metadata » Openmetadata » Version: 1.10.14

cpe:2.3:a:open-metadata:openmetadata:1.10.14
Open-Metadata » Openmetadata » Version: 1.10.2

cpe:2.3:a:open-metadata:openmetadata:1.10.2
Open-Metadata » Openmetadata » Version: 1.10.3

cpe:2.3:a:open-metadata:openmetadata:1.10.3
Open-Metadata » Openmetadata » Version: 1.10.4

cpe:2.3:a:open-metadata:openmetadata:1.10.4
Open-Metadata » Openmetadata » Version: 1.10.5

cpe:2.3:a:open-metadata:openmetadata:1.10.5
Open-Metadata » Openmetadata » Version: 1.10.6

cpe:2.3:a:open-metadata:openmetadata:1.10.6
Open-Metadata » Openmetadata » Version: 1.10.7

cpe:2.3:a:open-metadata:openmetadata:1.10.7
Open-Metadata » Openmetadata » Version: 1.10.8

cpe:2.3:a:open-metadata:openmetadata:1.10.8
Open-Metadata » Openmetadata » Version: 1.10.9

cpe:2.3:a:open-metadata:openmetadata:1.10.9
Open-Metadata » Openmetadata » Version: 1.11.0

cpe:2.3:a:open-metadata:openmetadata:1.11.0
Open-Metadata » Openmetadata » Version: 1.11.0-rc1

cpe:2.3:a:open-metadata:openmetadata:1.11.0-rc1
Open-Metadata » Openmetadata » Version: 1.11.1

cpe:2.3:a:open-metadata:openmetadata:1.11.1
Open-Metadata » Openmetadata » Version: 1.11.2

cpe:2.3:a:open-metadata:openmetadata:1.11.2
Open-Metadata » Openmetadata » Version: 1.11.3

cpe:2.3:a:open-metadata:openmetadata:1.11.3
Open-Metadata » Openmetadata » Version: 1.11.4

cpe:2.3:a:open-metadata:openmetadata:1.11.4
Open-Metadata » Openmetadata » Version: 1.2.0

cpe:2.3:a:open-metadata:openmetadata:1.2.0
Open-Metadata » Openmetadata » Version: 1.2.0beta

cpe:2.3:a:open-metadata:openmetadata:1.2.0beta
Open-Metadata » Openmetadata » Version: 1.2.1

cpe:2.3:a:open-metadata:openmetadata:1.2.1
Open-Metadata » Openmetadata » Version: 1.2.2

cpe:2.3:a:open-metadata:openmetadata:1.2.2
Open-Metadata » Openmetadata » Version: 1.2.3

cpe:2.3:a:open-metadata:openmetadata:1.2.3
Open-Metadata » Openmetadata » Version: 1.2.4

cpe:2.3:a:open-metadata:openmetadata:1.2.4
Open-Metadata » Openmetadata » Version: 1.2.5

cpe:2.3:a:open-metadata:openmetadata:1.2.5
Open-Metadata » Openmetadata » Version: 1.3.0

cpe:2.3:a:open-metadata:openmetadata:1.3.0
Open-Metadata » Openmetadata » Version: 1.3.0beta

cpe:2.3:a:open-metadata:openmetadata:1.3.0beta
Open-Metadata » Openmetadata » Version: 1.3.1

cpe:2.3:a:open-metadata:openmetadata:1.3.1
Open-Metadata » Openmetadata » Version: 1.3.2

cpe:2.3:a:open-metadata:openmetadata:1.3.2
Open-Metadata » Openmetadata » Version: 1.3.2rc1

cpe:2.3:a:open-metadata:openmetadata:1.3.2rc1
Open-Metadata » Openmetadata » Version: 1.3.2rc2

cpe:2.3:a:open-metadata:openmetadata:1.3.2rc2
Open-Metadata » Openmetadata » Version: 1.3.2rc3

cpe:2.3:a:open-metadata:openmetadata:1.3.2rc3
Open-Metadata » Openmetadata » Version: 1.3.3

cpe:2.3:a:open-metadata:openmetadata:1.3.3
Open-Metadata » Openmetadata » Version: 1.3.3rc1

cpe:2.3:a:open-metadata:openmetadata:1.3.3rc1
Open-Metadata » Openmetadata » Version: 1.3.4

cpe:2.3:a:open-metadata:openmetadata:1.3.4
Open-Metadata » Openmetadata » Version: 1.4.0

cpe:2.3:a:open-metadata:openmetadata:1.4.0
Open-Metadata » Openmetadata » Version: 1.4.0rc1

cpe:2.3:a:open-metadata:openmetadata:1.4.0rc1
Open-Metadata » Openmetadata » Version: 1.4.0rc2

cpe:2.3:a:open-metadata:openmetadata:1.4.0rc2
Open-Metadata » Openmetadata » Version: 1.4.0rc3

cpe:2.3:a:open-metadata:openmetadata:1.4.0rc3
Open-Metadata » Openmetadata » Version: 1.4.0rc4

cpe:2.3:a:open-metadata:openmetadata:1.4.0rc4
Open-Metadata » Openmetadata » Version: 1.4.1

cpe:2.3:a:open-metadata:openmetadata:1.4.1
Open-Metadata » Openmetadata » Version: 1.4.2

cpe:2.3:a:open-metadata:openmetadata:1.4.2
Open-Metadata » Openmetadata » Version: 1.4.3

cpe:2.3:a:open-metadata:openmetadata:1.4.3
Open-Metadata » Openmetadata » Version: 1.4.4

cpe:2.3:a:open-metadata:openmetadata:1.4.4
Open-Metadata » Openmetadata » Version: 1.4.4rc1

cpe:2.3:a:open-metadata:openmetadata:1.4.4rc1
Open-Metadata » Openmetadata » Version: 1.4.5

cpe:2.3:a:open-metadata:openmetadata:1.4.5
Open-Metadata » Openmetadata » Version: 1.4.5rc1

cpe:2.3:a:open-metadata:openmetadata:1.4.5rc1
Open-Metadata » Openmetadata » Version: 1.4.6

cpe:2.3:a:open-metadata:openmetadata:1.4.6
Open-Metadata » Openmetadata » Version: 1.4.6rc1

cpe:2.3:a:open-metadata:openmetadata:1.4.6rc1
Open-Metadata » Openmetadata » Version: 1.4.7

cpe:2.3:a:open-metadata:openmetadata:1.4.7
Open-Metadata » Openmetadata » Version: 1.4.8

cpe:2.3:a:open-metadata:openmetadata:1.4.8
Open-Metadata » Openmetadata » Version: 1.5.0

cpe:2.3:a:open-metadata:openmetadata:1.5.0
Open-Metadata » Openmetadata » Version: 1.5.0rc1

cpe:2.3:a:open-metadata:openmetadata:1.5.0rc1
Open-Metadata » Openmetadata » Version: 1.5.0rc2

cpe:2.3:a:open-metadata:openmetadata:1.5.0rc2
Open-Metadata » Openmetadata » Version: 1.5.1

cpe:2.3:a:open-metadata:openmetadata:1.5.1
Open-Metadata » Openmetadata » Version: 1.5.10

cpe:2.3:a:open-metadata:openmetadata:1.5.10
Open-Metadata » Openmetadata » Version: 1.5.11

cpe:2.3:a:open-metadata:openmetadata:1.5.11
Open-Metadata » Openmetadata » Version: 1.5.12

cpe:2.3:a:open-metadata:openmetadata:1.5.12
Open-Metadata » Openmetadata » Version: 1.5.13

cpe:2.3:a:open-metadata:openmetadata:1.5.13
Open-Metadata » Openmetadata » Version: 1.5.14

cpe:2.3:a:open-metadata:openmetadata:1.5.14
Open-Metadata » Openmetadata » Version: 1.5.15

cpe:2.3:a:open-metadata:openmetadata:1.5.15
Open-Metadata » Openmetadata » Version: 1.5.2

cpe:2.3:a:open-metadata:openmetadata:1.5.2
Open-Metadata » Openmetadata » Version: 1.5.2rc1

cpe:2.3:a:open-metadata:openmetadata:1.5.2rc1
Open-Metadata » Openmetadata » Version: 1.5.3

cpe:2.3:a:open-metadata:openmetadata:1.5.3
Open-Metadata » Openmetadata » Version: 1.5.4

cpe:2.3:a:open-metadata:openmetadata:1.5.4
Open-Metadata » Openmetadata » Version: 1.5.5

cpe:2.3:a:open-metadata:openmetadata:1.5.5
Open-Metadata » Openmetadata » Version: 1.5.6

cpe:2.3:a:open-metadata:openmetadata:1.5.6
Open-Metadata » Openmetadata » Version: 1.5.7

cpe:2.3:a:open-metadata:openmetadata:1.5.7
Open-Metadata » Openmetadata » Version: 1.5.8

cpe:2.3:a:open-metadata:openmetadata:1.5.8
Open-Metadata » Openmetadata » Version: 1.5.9

cpe:2.3:a:open-metadata:openmetadata:1.5.9
Open-Metadata » Openmetadata » Version: 1.6.0

cpe:2.3:a:open-metadata:openmetadata:1.6.0
Open-Metadata » Openmetadata » Version: 1.6.0rc1

cpe:2.3:a:open-metadata:openmetadata:1.6.0rc1
Open-Metadata » Openmetadata » Version: 1.6.0rc2

cpe:2.3:a:open-metadata:openmetadata:1.6.0rc2
Open-Metadata » Openmetadata » Version: 1.6.0rc3

cpe:2.3:a:open-metadata:openmetadata:1.6.0rc3
Open-Metadata » Openmetadata » Version: 1.6.1

cpe:2.3:a:open-metadata:openmetadata:1.6.1
Open-Metadata » Openmetadata » Version: 1.6.2

cpe:2.3:a:open-metadata:openmetadata:1.6.2
Open-Metadata » Openmetadata » Version: 1.6.3

cpe:2.3:a:open-metadata:openmetadata:1.6.3
Open-Metadata » Openmetadata » Version: 1.6.4

cpe:2.3:a:open-metadata:openmetadata:1.6.4
Open-Metadata » Openmetadata » Version: 1.6.5

cpe:2.3:a:open-metadata:openmetadata:1.6.5
Open-Metadata » Openmetadata » Version: 1.6.6

cpe:2.3:a:open-metadata:openmetadata:1.6.6
Open-Metadata » Openmetadata » Version: 1.6.7

cpe:2.3:a:open-metadata:openmetadata:1.6.7
Open-Metadata » Openmetadata » Version: 1.6.8

cpe:2.3:a:open-metadata:openmetadata:1.6.8
Open-Metadata » Openmetadata » Version: 1.6.9

cpe:2.3:a:open-metadata:openmetadata:1.6.9
Open-Metadata » Openmetadata » Version: 1.7.0

cpe:2.3:a:open-metadata:openmetadata:1.7.0
Open-Metadata » Openmetadata » Version: 1.7.0rc1

cpe:2.3:a:open-metadata:openmetadata:1.7.0rc1
Open-Metadata » Openmetadata » Version: 1.7.0rc2

cpe:2.3:a:open-metadata:openmetadata:1.7.0rc2
Open-Metadata » Openmetadata » Version: 1.7.1

cpe:2.3:a:open-metadata:openmetadata:1.7.1
Open-Metadata » Openmetadata » Version: 1.7.2

cpe:2.3:a:open-metadata:openmetadata:1.7.2
Open-Metadata » Openmetadata » Version: 1.7.3

cpe:2.3:a:open-metadata:openmetadata:1.7.3
Open-Metadata » Openmetadata » Version: 1.7.4

cpe:2.3:a:open-metadata:openmetadata:1.7.4
Open-Metadata » Openmetadata » Version: 1.7.5

cpe:2.3:a:open-metadata:openmetadata:1.7.5
Open-Metadata » Openmetadata » Version: 1.7.6

cpe:2.3:a:open-metadata:openmetadata:1.7.6
Open-Metadata » Openmetadata » Version: 1.7.7

cpe:2.3:a:open-metadata:openmetadata:1.7.7
Open-Metadata » Openmetadata » Version: 1.8.0

cpe:2.3:a:open-metadata:openmetadata:1.8.0
Open-Metadata » Openmetadata » Version: 1.8.1

cpe:2.3:a:open-metadata:openmetadata:1.8.1
Open-Metadata » Openmetadata » Version: 1.8.10

cpe:2.3:a:open-metadata:openmetadata:1.8.10
Open-Metadata » Openmetadata » Version: 1.8.11

cpe:2.3:a:open-metadata:openmetadata:1.8.11
Open-Metadata » Openmetadata » Version: 1.8.12

cpe:2.3:a:open-metadata:openmetadata:1.8.12
Open-Metadata » Openmetadata » Version: 1.8.2

cpe:2.3:a:open-metadata:openmetadata:1.8.2
Open-Metadata » Openmetadata » Version: 1.8.3

cpe:2.3:a:open-metadata:openmetadata:1.8.3
Open-Metadata » Openmetadata » Version: 1.8.4

cpe:2.3:a:open-metadata:openmetadata:1.8.4
Open-Metadata » Openmetadata » Version: 1.8.5

cpe:2.3:a:open-metadata:openmetadata:1.8.5
Open-Metadata » Openmetadata » Version: 1.8.6

cpe:2.3:a:open-metadata:openmetadata:1.8.6
Open-Metadata » Openmetadata » Version: 1.8.7

cpe:2.3:a:open-metadata:openmetadata:1.8.7
Open-Metadata » Openmetadata » Version: 1.8.8

cpe:2.3:a:open-metadata:openmetadata:1.8.8
Open-Metadata » Openmetadata » Version: 1.8.9

cpe:2.3:a:open-metadata:openmetadata:1.8.9
Open-Metadata » Openmetadata » Version: 1.9.0

cpe:2.3:a:open-metadata:openmetadata:1.9.0
Open-Metadata » Openmetadata » Version: 1.9.1

cpe:2.3:a:open-metadata:openmetadata:1.9.1
Open-Metadata » Openmetadata » Version: 1.9.10

cpe:2.3:a:open-metadata:openmetadata:1.9.10
Open-Metadata » Openmetadata » Version: 1.9.11

cpe:2.3:a:open-metadata:openmetadata:1.9.11
Open-Metadata » Openmetadata » Version: 1.9.11.7

cpe:2.3:a:open-metadata:openmetadata:1.9.11.7
Open-Metadata » Openmetadata » Version: 1.9.11.8

cpe:2.3:a:open-metadata:openmetadata:1.9.11.8
Open-Metadata » Openmetadata » Version: 1.9.12

cpe:2.3:a:open-metadata:openmetadata:1.9.12
Open-Metadata » Openmetadata » Version: 1.9.13

cpe:2.3:a:open-metadata:openmetadata:1.9.13
Open-Metadata » Openmetadata » Version: 1.9.14

cpe:2.3:a:open-metadata:openmetadata:1.9.14
Open-Metadata » Openmetadata » Version: 1.9.15

cpe:2.3:a:open-metadata:openmetadata:1.9.15
Open-Metadata » Openmetadata » Version: 1.9.16

cpe:2.3:a:open-metadata:openmetadata:1.9.16
Open-Metadata » Openmetadata » Version: 1.9.2

cpe:2.3:a:open-metadata:openmetadata:1.9.2
Open-Metadata » Openmetadata » Version: 1.9.3

cpe:2.3:a:open-metadata:openmetadata:1.9.3
Open-Metadata » Openmetadata » Version: 1.9.4

cpe:2.3:a:open-metadata:openmetadata:1.9.4
Open-Metadata » Openmetadata » Version: 1.9.5

cpe:2.3:a:open-metadata:openmetadata:1.9.5
Open-Metadata » Openmetadata » Version: 1.9.6

cpe:2.3:a:open-metadata:openmetadata:1.9.6
Open-Metadata » Openmetadata » Version: 1.9.7

cpe:2.3:a:open-metadata:openmetadata:1.9.7
Open-Metadata » Openmetadata » Version: 1.9.8

cpe:2.3:a:open-metadata:openmetadata:1.9.8
Open-Metadata » Openmetadata » Version: 1.9.9

cpe:2.3:a:open-metadata:openmetadata:1.9.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-26010

Products

Pricing

Contact Us