Vulnerabilities

Report: CVE-2026-42031 - CKAN: Unauthenticated SQL Injection and Authorization Bypass in `datastore_searc

2026-05-13 0 views admin

CVE ID :CVE-2026-42031 Published : May 13, 2026, 7:17 p.m. | 29 minutes ago Description :CKAN is an open-source DMS (data management system) for powering data hubs and data portals. Prior to 2.10.10 and 2.11.5, a vulnerability in datastore_search_sql allowed attackers to inject SQL in order to gain access to private resources and PostgreSQL system information This vulnerability is fixed in 2.10.10 and 2.11.5. Severity: 8.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-42031

Severity

HIGH

Published

May 13, 2026

Affected Product: PostgreSQL

🏷️ Tags

report42031unauthenticatedinjectionauthorizationbypassdatastore_searcpublishedcvesql injection

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: CVE-2026-42031 - CKAN: Unauthenticated SQL Injection and Authorization Bypass in `datastore_searc

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: Update: CVE-2026-41132 - CKAN: No certificate validation on STMP connection

Report: CVE-2026-42032 - CKAN: Unauthenticated Authorization Bypass in `datastore_search_sql` - Expert Insights

Report: CVE-2026-41255 - CKAN: CSRF exemption primed by anonymous requests

Report: CVE-2026-42579 - Netty: DNS Codec Input Validation Bypass in Netty (Encoder + Decoder) - Complete Guide

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting