ZDI-CAN-27990 HIGH 7.8 Upcoming Feb 12, 2026

Databricks

Databricks, a major cloud data analytics and AI platform company, has a high-severity local vulnerability (CVSS 7.8). Per the published CVSS vector, exploitation requires no privileges (PR:N) but does require user interaction (UI:R), and a successful attack has high impact on the confidentiality, integrity, and availability of affected systems. The vulnerability is locally exploitable (AV:L), meaning an attacker needs existing access to a machine running Databricks software, but once triggered it can cause significant damage across data and system operations. Security teams should monitor for suspicious local process activity on Databricks deployments and prioritize patching once the vendor releases a fix, which is due by the June 12, 2026 deadline.

Advisory Details
Researcher: Michael DePlante (@izobashi) of TrendAI Zero Day Initiative
Reported: February 12, 2026
Deadline: June 12, 2026 (57d)
CVSS Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
