Apache Superset contains an improper access control vulnerability in its /explore endpoint. A missing authorization check allows an authenticated user to discover metadata about datasources they do no ...
Continue Reading
August 14, 2025
When a guest user accesses a chart in Apache Superset, the API response from the /chart/data endpoint includes a query field in its payload. This field contains the underlying query, which improperly ...
Continue Reading
August 14, 2025
A security issue in the runtime event system allows unauthenticated connections to receive a reusable API token. This token is broadcasted over a WebSocket and can be intercepted by any local client l ...
Continue Reading
August 14, 2025
creation_timestamp| type| source ---|---|--- 2025-08-14 13:10:39+00:00| seen|...Read More ...
Continue Reading
August 14, 2025
creation_timestamp| type| source ---|---|--- 2025-08-14 13:08:24+00:00| seen|...Read More ...
Continue Reading
August 14, 2025
creation_timestamp| type| source ---|---|--- 2025-08-14 13:08:24+00:00| seen|...Read More ...
Continue Reading
August 14, 2025
creation_timestamp| type| source ---|---|--- 2025-08-14 13:25:09+00:00| seen|...Read More ...
Continue Reading
August 14, 2025
creation_timestamp| type| source ---|---|--- 2025-08-14 13:25:09+00:00| seen|...Read More ...
Continue Reading
August 14, 2025
Back to Main
