CVE-2026-42812 - Vulnerability Analysis
CriticalCVSS: 9.9Last Updated: May 4, 2026
Apache Polaris - Broken Access Control
Published: May 4, 2026Updated: May 4, 2026Remote Exploitable
Overview
Apache Polaris contains a broken access control vulnerability caused by skipping location validation on metadata writes when only the write.metadata.path property is changed, letting authenticated users write metadata to attacker-chosen storage locations, exploit requires ability to alter table settings.
Severity & Score
Severity: Critical
CVSS Score: 9.9
Impact
Authenticated users can write metadata to arbitrary storage locations, potentially exposing or corrupting data and gaining unauthorized storage access.
Mitigation
Disable polaris.config.allow.unstructured.table.location or ensure strict validation of write.metadata.path changes; update to latest Polaris version with fix.
References
Related Resources
Details
- CVE ID
- CVE-2026-42812
- Severity
- Critical
- CVSS Score
- 9.9
- Type
- broken_access_control
- Status
- new
CWE
- CWE-20
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H