Shodan
Vulnerabilities
Vulnerable Software
Open-Metadata:  >> Openmetadata  >> 1.4.0rc3  Security Vulnerabilities
CVE-2026-26010
OpenMetadata is a unified metadata platform. Prior to 1.11.8, calls issued by the UI against /api/v1/ingestionPipelines leak JWTs used by ingestion-bot for certain services (Glue / Redshift / Postgres). Any read-only user can gain access to a highly privileged account, typically which has the Ingestion Bot Role. This enables destructive changes in OpenMetadata instances, and potential data leakage (e.g. sample data, or service metadata which would be unavailable per roles/policies). This vulnerability is fixed in 1.11.8.
CVSS Score
7.6
EPSS Score
0.0
Published
2026-02-11
CVE-2026-22244
OpenMetadata is a unified metadata platform. Versions prior to 1.11.4 are vulnerable to remote code execution via Server-Side Template Injection (SSTI) in FreeMarker email templates. An attacker must have administrative privileges to exploit the vulnerability. Version 1.11.4 contains a patch.
CVSS Score
7.2
EPSS Score
0.004
Published
2026-01-08
CVE-2025-50467
OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The supportedDataTypeParam parameter can be used to build a SQL query.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-08-08
CVE-2025-50468
OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the DocStoreDAO interface. The entityType parameters can be used to build a SQL query.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-08-08
CVE-2025-50465
OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The testPlatform parameter can be used to build a SQL query.
CVSS Score
7.1
EPSS Score
0.0
Published
2025-08-08
CVE-2025-50466
OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The entityType parameter can be used to build a SQL query.
CVSS Score
7.1
EPSS Score
0.0
Published
2025-08-08
CVE-2024-55238
OpenMetadata <=1.4.1 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the WorkflowDAO interface. The workflowtype and status parameters can be used to build a SQL query.
CVSS Score
7.1
EPSS Score
0.002
Published
2025-04-17


Products
Pricing
Contact Us

Shodan ® - All rights reserved