Where
AND
-Infinity
0

Trending

Last week
Last month
Last year

apache/supersetApache Superset: Improper Authorization in Dataset Creation Allows Access Control Bypass

Risk 43
Severity
7.1
First published (updated )
CVE-2026-23982

Apache SupersetApache Superset: SQLLab Read-Only Bypass on PostgreSQL

Risk 43
Severity
7.1
First published (updated )
CVE-2026-23984

Apache SupersetApache Superset: Improper authorization bypass on row level security via SQL Injection

Risk 30
Severity
7.1
EPSS
0.08%
First published (updated )
CVE-2025-48912

Apache SupersetApache Superset: Incorrect authorization leading to resource ownership takeover

Risk 84
Severity
8.8
First published (updated )
CVE-2025-27696

pip/apache-supersetApache Superset: SQLLab Improper readonly query validation allows unauthorized write access

Risk 43
Severity
7.1
First published (updated )
CVE-2024-55633
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

pip/apache-supersetApache Superset: Lower privilege users are able to create Role when FAB_ADD_SECURITY_API is enabled

Risk 59
Severity
7.6
First published (updated )
CVE-2024-53949

pip/apache-supersetApache Superset: Privilege Escalation Vulnerability

Risk 46
Severity
7.7
First published (updated )
CVE-2023-49734

pip/apache-supersetApache Superset: SQL Injection on where_in JINJA macro

Risk 84
Severity
8.8
First published (updated )
CVE-2023-49736

pip/apache-supersetApache Superset: Privilege escalation with default examples database

Risk 84
Severity
8.8
First published (updated )
CVE-2023-40610

Apache SupersetApache Superset: Cross Site Request Forgery (CSRF) on accept, request access API

Risk 77
Severity
8.8
First published (updated )
CVE-2022-43719
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Apache SupersetPossible SQL Injection when template processing is enabled

Risk 82
Severity
8.8
First published (updated )
CVE-2021-41971

Apache SupersetInfoleak

Risk 62
Severity
8.1
First published (updated )
CVE-2020-13952

Apache SupersetOS Command Injection

Risk 82
Severity
8.8
First published (updated )
CVE-2020-13948

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203