CVE-2026-48114

🟠 Łataj w tym tygodniu

Nieautoryzowany wstrzyknięcie SQL w Metacat umożliwia pełny dostęp do bazy danych.

CVSS

9.8

EPSS

0.4%

Exploit

none

Vendor

Opis źródłowy (NVD)

Metacat is data repository software that helps researchers preserve, share, and discover data. Versions 2.0.0 and and above contain an unauthenticated SQL injection in the /harvesterRegistration endpoint. HarvesterRegistration.dbInsert() builds an INSERT against HARVEST_SITE_SCHEDULE via string concatenation, using a quoteString() helper that performs raw single-quote wrapping without escaping. Three request parameters reach the sink: unit, contactEmail, and documentListURL. The servlet does not verify a real LDAP identity. Allowing the vulnerable insert to proceed. Since the PostgreSQL backend permits stacked queries via Statement.executeUpdate(), this vulnerability allows full read/write/execute access in the Metacat database context. The vulnerability was remediated in Metacat 3.0.0.

sql-injection Brak patcha

Źródła i daty

Źródło	Wartość
NVD – CVSS	9.8
CISA KEV (aktywnie wykorzystywane)	Nie
FIRST EPSS (prawdopodobieństwo exploita)	0.4%
Opublikowano (NVD)	2026-06-15 20:16:28 UTC
Ostatnia modyfikacja (NVD)	2026-06-16 15:50:58 UTC

Referencje

https://github.com/NCEAS/metacat/commit/820d595309b399fdbdf4983bd1b1dd795773472a (security-advisories@github.com)
https://github.com/NCEAS/metacat/security/advisories/GHSA-wrc6-rc34-hrcg (security-advisories@github.com)