What is the CVSS score of CVE-2026-26010?

CVE-2026-26010 has a CVSS 3.1 base score of 7.6 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L. EPSS exploitation probability: 0.0%.

Which versions of PostgreSQL are affected by CVE-2026-26010?

OpenMetadata instances prior to version 1.11.8 expose authentication credentials (JWTs) through the UI metadata ingestion API, allowing attackers to hijack service accounts with access to critical…. A patch is available.

Is there a public PoC exploit available for CVE-2026-26010?

Yes, a public proof-of-concept exploit is available for CVE-2026-26010. Prioritise patching immediately. EPSS: 0.0%.

How to fix or mitigate CVE-2026-26010?

Within 24 hours: Audit access logs for /api/v1/ingestionPipelines endpoints and identify exposed JWTs; immediately rotate all ingestion-bot service account credentials and API keys for connected Glue/Redshift/Postgres systems. Within 7 days: Deploy network segmentation or WAF rules to restrict /api/v1/ingestionPipelines access to authorized internal systems only; implement enhanced monitoring on data platform access using exposed credentials. Within 30 days: Upgrade OpenMetadata to version 1.11.8 or later once available; conduct full forensic review of data access logs during exposure window for signs of unauthorized activity.

PostgreSQL CVE-2026-26010

HIGH

Improper Privilege Management (CWE-269)

2026-02-11 security-advisories@github.com

GHSA-pqqf-7hxm-rj5r

PostgreSQL Openmetadata

7.6

CVSS 3.1 · GitHub Advisory

Severity by source

GitHub Advisory PRIMARY

7.6 HIGH

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L

Primary rating from GitHub Advisory · only source for this CVE.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

High

Availability

Low

Lifecycle Timeline

Patch released

Mar 31, 2026 - 21:13 nvd

Patch available

Analysis Generated

Mar 12, 2026 - 22:02 vuln.today

PoC Detected

Feb 13, 2026 - 21:34 vuln.today

Public exploit code

CVE Published

Feb 11, 2026 - 21:16 nvd

HIGH 7.6

DescriptionGitHub Advisory

OpenMetadata is a unified metadata platform. Prior to 1.11.8, calls issued by the UI against /api/v1/ingestionPipelines leak JWTs used by ingestion-bot for certain services (Glue / Redshift / Postgres). Any read-only user can gain access to a highly privileged account, typically which has the Ingestion Bot Role. This enables destructive changes in OpenMetadata instances, and potential data leakage (e.g. sample data, or service metadata which would be unavailable per roles/policies). This vulnerability is fixed in 1.11.8.

AnalysisAI

OpenMetadata versions prior to 1.11.8 expose JWT tokens for the privileged ingestion-bot account through the /api/v1/ingestionPipelines API endpoint, allowing any read-only user to escalate privileges and impersonate a highly privileged service account. With public exploit code available and no patch currently deployed on most instances, attackers can perform destructive actions within OpenMetadata and access sensitive metadata that should be restricted by role-based policies. …

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access

Authenticate as read-only user

Delivery

Call /api/v1/ingestionPipelines endpoint

Exploit

Extract leaked JWT tokens

Execution

Impersonate ingestion-bot account

Impact

Execute destructive metadata operations

Access

Authenticate as read-only user

Delivery

Call /api/v1/ingestionPipelines endpoint

Exploit

Extract leaked JWT tokens

Execution

Impersonate ingestion-bot account

Impact

Execute destructive metadata operations

Vulnerability AssessmentAI

Exploitation	OpenMetadata versions prior to 1.11.8 with ingestion pipelines configured for Glue, Redshift, or Postgres services. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment	CVSS 7.6 (HIGH). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	An attacker could exploit this vulnerability to compromise the affected system.
Remediation	Fixed in version 1.11.8.. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Audit access logs for /api/v1/ingestionPipelines endpoints and identify exposed JWTs; immediately rotate all ingestion-bot service account credentials and API keys for connected Glue/Redshift/Postgres systems. …

Threat intelligence, references, and detailed analysis are available after sign-in.

More from same product – last 7 days

CVE-2026-20253 CRITICAL Act Now POC

9.8 Jun 10

Unauthenticated arbitrary file write in Splunk Enterprise (below 10.2.4 and 10.0.7) and Splunk Cloud Platform (below 10.

CVE-2026-54310 MEDIUM This Month

9.9 Jun 16

SQL injection in n8n's legacy Postgres v1 and TimescaleDB workflow nodes allows an authenticated workflow editor to inje

CVE-2026-48114 CRITICAL Act Now

9.8 Jun 15

Unauthenticated SQL injection in NCEAS Metacat 2.0.0 through pre-3.0.0 allows remote attackers to read, modify, and exec

CVE-2026-11945 HIGH This Week

7.5 Jun 11

Privilege escalation in PostgreSQL Anonymizer versions prior to 3.1.1 allows a low-privileged database user to achieve s

CVE-2026-26010 vulnerability details – vuln.today

Back