Vulnerability Details CVE-2026-62393
Improper Handling of Insufficient Permissions or Privileges vulnerability in Apache Kylin. Improper authorization in job information retrieval, where an attacker may get access to unauthorized jobs in other projects.
This issue affects Apache Kylin: from 4 through 5.0.3.
Users are recommended to upgrade to version 5.0.4, which fixes the issue.
Exploit prediction scoring system (EPSS) score
CVSS Severity
CVSS v3 Score 4.3
Products affected by CVE-2026-62393
-
cpe:2.3:a:apache:kylin:4.0.0
-
cpe:2.3:a:apache:kylin:4.0.3
-
cpe:2.3:a:apache:kylin:4.0.4
-
cpe:2.3:a:apache:kylin:5.0.0
-
cpe:2.3:a:apache:kylin:5.0.1
-
cpe:2.3:a:apache:kylin:5.0.2
-
cpe:2.3:a:apache:kylin:5.0.3