CVE-2026-42811 - Vulnerability Analysis
Severity: Critical | CVSS: 9.9 | Last Updated: May 4, 2026
Apache Polaris - Broken Access Control
Published: May 4, 2026 | Updated: May 4, 2026 | Remotely exploitable
Overview
Apache Polaris 1.4.0 contains a broken access control vulnerability caused by improper escaping of namespace and table identifiers when they are embedded in Credential Access Boundary (CAB) CEL expressions. Because the identifiers are inserted into the expression without escaping, an attacker who can supply crafted namespace or table identifiers can alter the boundary condition and obtain delegated GCS credentials scoped to the whole bucket instead of to a single table. Exploitation requires the ability to create or name namespaces or tables with crafted identifiers.
Severity & Score
Severity: Critical
CVSS Score: 9.9
Impact
An attacker can obtain temporary GCS credentials with bucket-wide access, allowing objects to be listed, read, created, and deleted beyond the intended table scope.
Mitigation
Upgrade to a release that properly escapes namespace and table identifiers before embedding them in CAB CEL expressions; this page does not name the fixed version, so check the Apache Polaris project's advisory for the release that addresses CVE-2026-42811. Until the upgrade is applied, treat the ability to create or rename namespaces and tables as a privileged operation, since the exploit depends on crafted identifiers, and review any identifiers containing quotes, parentheses or control characters as suspicious.
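The following is an added illustration, not Apache Polaris code, of the injection described in the Overview and of the escaping fix described above. The shape of the CAB condition (a `resource.name.startsWith(...)` check on a table prefix), the identifier allowlist, the bucket and object names, and the crafted table name are all assumptions made for the demo; the exact expression Polaris builds is not given on this page. The toy evaluator only handles a disjunction of `startsWith` calls and is there to make the effect of the payload observable, not to stand in for a CEL engine.

```python
"""Added illustration (not Apache Polaris code) of how an unescaped table
identifier can widen a GCS Credential Access Boundary (CAB) condition written
in CEL, and two independent hardenings: escaping the CEL string literal and
validating identifiers against an allowlist.  The CAB template, identifier
allowlist, bucket, object names and payload below are assumptions."""
import re

# Assumed condition shape: a downscoped GCS token limited to one table prefix.
CALL = "resource.name.startsWith("


def build_condition_unsafe(bucket: str, namespace: str, table: str) -> str:
    """Vulnerable pattern: identifiers pasted verbatim into CEL source."""
    return f"{CALL}'projects/_/buckets/{bucket}/objects/{namespace}/{table}/')"


def cel_string_literal(value: str) -> str:
    """Render value as a single-quoted CEL string literal, escaping every
    character that could close the literal or change the expression."""
    out = []
    for ch in value:
        if ch == "\\":
            out.append("\\\\")
        elif ch == "'":
            out.append("\\'")
        elif ch == "\n":
            out.append("\\n")
        elif ch == "\r":
            out.append("\\r")
        elif ch == "\t":
            out.append("\\t")
        elif ord(ch) < 0x20 or ord(ch) == 0x7F:
            out.append("\\u%04x" % ord(ch))
        else:
            out.append(ch)
    return "'" + "".join(out) + "'"


def build_condition_escaped(bucket: str, namespace: str, table: str) -> str:
    """Hardened pattern: the whole prefix becomes one properly escaped literal."""
    prefix = f"projects/_/buckets/{bucket}/objects/{namespace}/{table}/"
    return f"{CALL}{cel_string_literal(prefix)})"


# Assumed allowlist (defence in depth): quotes, slashes and control bytes never
# reach the expression builder at all.
IDENT_RE = re.compile(r"^[A-Za-z0-9_.\-]{1,255}$")


def validate_identifier(ident: str) -> bool:
    return IDENT_RE.match(ident) is not None


def _read_literal(expr: str, i: int):
    """Decode the CEL string literal opening at expr[i]; return (text, next_index)."""
    quote = expr[i]
    i += 1
    buf = []
    while i < len(expr):
        ch = expr[i]
        if ch == "\\":
            nxt = expr[i + 1]
            if nxt == "u":
                buf.append(chr(int(expr[i + 2:i + 6], 16)))
                i += 6
            else:
                buf.append({"n": "\n", "r": "\r", "t": "\t"}.get(nxt, nxt))
                i += 2
            continue
        if ch == quote:
            return "".join(buf), i + 1
        buf.append(ch)
        i += 1
    raise ValueError("unterminated CEL string literal")


def allowed_prefixes(expr: str) -> list:
    """Toy evaluator for the subset these conditions use: a disjunction of
    resource.name.startsWith(<literal>) calls.  Returns every prefix the
    condition would accept.  Not a CEL engine; enough to show the effect."""
    prefixes, i = [], 0
    while (j := expr.find(CALL, i)) >= 0:
        lit, k = _read_literal(expr, j + len(CALL))
        if expr[k:k + 1] != ")":
            raise ValueError("malformed startsWith call")
        prefixes.append(lit)
        i = k + 1
    return prefixes


def grants_access(expr: str, object_name: str) -> bool:
    return any(object_name.startswith(p) for p in allowed_prefixes(expr))


# Constructed payload: closes the literal and ORs in a bucket-wide prefix.
CRAFTED_TABLE = "t') || resource.name.startsWith('projects/_/buckets/data-lake/objects"
# Constructed object belonging to a different table in the same bucket.
OTHER_TABLE_OBJECT = "projects/_/buckets/data-lake/objects/finance/salaries/part-0.parquet"


if __name__ == "__main__":
    unsafe = build_condition_unsafe("data-lake", "analytics", CRAFTED_TABLE)
    safe = build_condition_escaped("data-lake", "analytics", CRAFTED_TABLE)
    print("unsafe:", unsafe)
    print("  reaches another table's object:", grants_access(unsafe, OTHER_TABLE_OBJECT))
    print("escaped:", safe)
    print("  reaches another table's object:", grants_access(safe, OTHER_TABLE_OBJECT))
    print("allowlist rejects payload:", not validate_identifier(CRAFTED_TABLE))
```

With the unescaped builder the crafted table name turns one `startsWith` clause into two, and the second one matches every object under `objects/`, which is the bucket-wide access the advisory describes. With escaping, the same input yields a single literal whose decoded prefix is simply an odd table path that matches nothing else. Escaping is the fix; the allowlist is a separate control that stops such identifiers from being stored in the first place.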
Details
- CVE ID: CVE-2026-42811
- Severity: Critical
- CVSS Score: 9.9
- Type: Broken Access Control
- Status: New
CWE
- CWE-20: Improper Input Validation
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H