Where
AND
-Infinity
0

Trending

Last week
Last month
Last year

Apache SupersetApache Superset: Exposure of Sensitive Information via Incomplete ClickHouse Function Filtering

Risk 40
Severity
6.5
First published (updated )
CVE-2026-23969

Apache SupersetApache Superset: Improper Neutralization of Special Elements used in a SQL Command

Risk 40
Severity
6.5
First published (updated )
CVE-2026-23980

Apache SupersetApache Superset: Sensitive Data Exposure via REST API (disabled by default)

Risk 40
Severity
6.5
First published (updated )
CVE-2026-23983

pip/apache-supersetApache Superset: Error verbosity exposes metadata in analytics databases

Risk 29
Severity
5.3
First published (updated )
CVE-2024-53948

pip/apache-supersetApache Superset: Server arbitrary file read

Risk 39
Severity
6.8
First published (updated )
CVE-2024-34693
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

pip/apache-supersetApache Superset: Incorrect datasource authorization on explore REST API

Risk 24
Severity
4.3
First published (updated )
CVE-2024-28148

pip/apache-supersetApache Superset: Improper authorization validation on dashboards and charts import

Risk 26
Severity
5.4
EPSS
0.04%
First published (updated )
CVE-2024-26016

pip/apache-supersetApache Superset: Improper data authorization when creating a new dataset

Risk 28
Severity
6.5
EPSS
0.04%
First published (updated )
CVE-2024-24779

Apache SupersetApache Superset: Improper Neutralisation of custom SQL on embedded context

Risk 17
Severity
4.3
EPSS
0.04%
First published (updated )
CVE-2024-24772

pip/apache-supersetApache Superset: Improper validation of SQL statements allows for unauthorized access to data

Risk 28
Severity
6.5
EPSS
0.04%
First published (updated )
CVE-2024-24773
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

pip/apache-supersetApache Superset: Improper error handling on alerts

Risk 17
Severity
4.3
EPSS
0.04%
First published (updated )
CVE-2024-27315

pip/apache-supersetApache Superset: Allows for uncontrolled resource consumption via a ZIP bomb (version range fix for CVE-2023-46104)

Risk 28
Severity
6.5
EPSS
0.04%
First published (updated )
CVE-2024-23952

Apache SupersetApache Superset: Allows for uncontrolled resource consumption via a ZIP bomb

Risk 41
Severity
6.5
First published (updated )
CVE-2023-46104

Apache SupersetApache Superset: Lack of rate limiting allows for possible denial of service

Risk 40
Severity
6.5
First published (updated )
CVE-2023-42504

Apache SupersetApache Superset: Sensitive information disclosure on db connection details

Risk 24
Severity
4.3
First published (updated )
CVE-2023-42505
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache SupersetApache Superset: Open Redirect Vulnerability

Risk 35
Severity
5.4
First published (updated )
CVE-2023-42502

pip/apache-supersetApache Superset: Stored XSS on API endpoint

Risk 35
Severity
5.4
First published (updated )
CVE-2023-43701

Apache SupersetApache Superset: Unnecessary read permissions within the Gamma role

Risk 24
Severity
4.3
First published (updated )
CVE-2023-42501

Apache SupersetApache Superset: SQL parser edge case bypasses data access authorization

Risk 23
Severity
4.3
First published (updated )
CVE-2023-32672

Apache SupersetApache Superset: Metadata db write access can lead to remote code execution

Risk 65
Severity
6.6
First published (updated )
CVE-2023-37941
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache SupersetApache Superset: Possible Unauthorized Registration of SQLite Database Connections

Risk 41
Severity
6.5
First published (updated )
CVE-2023-39265

Apache SupersetApache Superset: Stack traces enabled by default

Risk 23
Severity
4.3
First published (updated )
CVE-2023-39264

Apache SupersetApache Superset: Improper Authorization check on import charts

Risk 23
Severity
4.3
First published (updated )
CVE-2023-27526

Apache SupersetApache Superset: Improper data permission validation on Jinja templated queries

Risk 27
Severity
5
First published (updated )
CVE-2023-27523

pip/apache-supersetApache Superset: Improper API permission for low privilege users allows for SSRF

Risk 36
Severity
5.4
First published (updated )
CVE-2023-36388
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

pip/apache-supersetApache Superset: Improper API permission for low privilege users

Risk 36
Severity
5.4
First published (updated )
CVE-2023-36387

Apache SupersetApache Superset: Database connection password leak

Risk 38
Severity
6.5
First published (updated )
CVE-2023-30776

Apache SupersetApache Superset: Possible SSRF on import datasets

Risk 38
Severity
6.5
First published (updated )
CVE-2023-25504

Apache SupersetApache Superset: Incorrect default permissions for Gamma role

Risk 22
Severity
4.3
First published (updated )
CVE-2023-27525

Apache SupersetApache Superset: SQL injection vulnerability in adhoc clauses

Risk 34
Severity
5.4
First published (updated )
CVE-2022-41703
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203