Openmetadata
CVEs (12)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-46481 | | High | 0.47 | 8.3 | 0.00 | | Jun 8, 2026 | OpenMetadata is a unified metadata platform. Prior to version 1.12.4, a non-admin SSO user can trigger a TEST_CONNECTION workflow for a Database Service and receive, in the HTTP 201 response of POST /api/v1/automations/workflows, both the cleartext database password in… |
| CVE-2024-28255 | | | 0.11 | — | 0.73 | | Mar 15, 2024 | OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. The `JwtFilter` handles the API authentication by requiring and verifying JWT tokens. When a new request… |
| CVE-2024-28254 | | | 0.07 | — | 0.46 | | Mar 15, 2024 | OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. The `AlertUtil::validateExpression` method evaluates an SpEL expression using `getValue` which by… |
| CVE-2024-28253 | | | 0.07 | — | 0.13 | | Mar 15, 2024 | OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. `CompiledRule::validateExpression` is also called from `PolicyRepository.prepare`. `prepare()` is called… |
| CVE-2024-28848 | | | 0.06 | — | 0.08 | | Mar 15, 2024 | OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. The `CompiledRule::validateExpression` method evaluates an SpEL expression using an… |
| CVE-2024-28847 | | | 0.01 | — | 0.02 | | Mar 15, 2024 | OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. Similarly to the GHSL-2023-250 issue, `AlertUtil::validateExpression` is also called from… |
| CVE-2026-26010 | | | 0.00 | — | 0.00 | | Feb 11, 2026 | OpenMetadata is a unified metadata platform. Prior to 1.11.8, calls issued by the UI against /api/v1/ingestionPipelines leak JWTs used by ingestion-bot for certain services (Glue / Redshift / Postgres). Any read-only user can gain access to a highly privileged account, typically… |
| CVE-2026-22244 | | | 0.00 | — | 0.01 | | Jan 8, 2026 | OpenMetadata is a unified metadata platform. Versions prior to 1.11.4 are vulnerable to remote code execution via Server-Side Template Injection (SSTI) in FreeMarker email templates. An attacker must have administrative privileges to exploit the vulnerability. Version 1.11.4… |
| CVE-2025-50468 | | | 0.00 | — | 0.00 | | Aug 8, 2025 | OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the DocStoreDAO interface. The entityType parameter can be used to build a SQL query. |
| CVE-2025-50466 | | | 0.00 | — | 0.00 | | Aug 8, 2025 | OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The entityType parameter can be used to build a SQL query. |
| CVE-2025-50465 | | | 0.00 | — | 0.00 | | Aug 8, 2025 | OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The testPlatform parameter can be used to build a SQL query. |
| CVE-2025-50467 | | | 0.00 | — | 0.00 | | Aug 8, 2025 | OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount in the TestDefinitionDAO interface. The supportedDataTypeParam parameter can be used to build a SQL query. |