Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-41255 |
|
Cross-Site Request Forgery (CSRF) in ckan (CVE-2026-41255)
vulnerability in ckan (CVE-2026-41255). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `2.11.5` or later.
|
| CVE-2026-42031 |
|
SQL Injection in ckan (CVE-2026-42031)
SQL injection in ckan (CVE-2026-42031). Successful exploitation can lead to full system takeover. Exploitable via ``datastore_search_sql``. Mitigation: upgrade to `2.11.5` or later.
|
| CVE-2026-42032 |
|
Authorization Flaw in ckan (CVE-2026-42032)
vulnerability in ckan (CVE-2026-42032). Confidential information can be exposed externally. Exploitable via ``datastore_search_sql``. Mitigation: upgrade to `2.11.5` or later.
|
| CVE-2026-41132 |
|
Vulnerability in ckan (CVE-2026-41132)
vulnerability in ckan (CVE-2026-41132). Confidential information can be exposed externally. Mitigation: upgrade to `2.10.10` or later.
|