Product
open metadata openmetadata
12 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-26010
CVE-2026-22244
CVE-2025-50468
CVE-2025-50467
CVE-2025-50466
CVE-2025-50465
CVE-2024-55238
CVE-2024-28848
CVE-2024-28847
CVE-2024-28255
CVE-2024-28254
CVE-2024-28253
< 1.11.8
OpenMetadata is a unified metadata platform. Prior to 1.11.8, calls issued by the UI against /api/v1/ingestionPipelines leak JWTs
< 1.11.4
OpenMetadata is a unified metadata platform. Versions prior to 1.11.4 are vulnerable to remote code execution via Server-Side Temp
<= 1.4.4
OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount i
<= 1.4.4
OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount i
<= 1.4.4
OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount i
<= 1.4.4
OpenMetadata <=1.4.4 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount i
<= 1.4.1
OpenMetadata <=1.4.1 is vulnerable to SQL Injection. An attacker can extract information from the database in function listCount i
< 1.2.4
OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth
< 1.2.4
OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth
< 1.2.4
OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth
< 1.2.4
OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth
< 1.3.1
OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth