CVE-2026-39196 | THREATINT

Description

Datadog, Inc Vector v0.54.0 was discovered to contain a SQL injection vulnerability in the set_uri_query parameter in the KeyPartitioner::partition function. This vulnerability allows attackers to access sensitive database information via crafted SQL statements.

PUBLISHED Reserved 2026-04-06 | Published 2026-06-15 | Updated 2026-06-16 | Assigner mitre

References

gist.github.com/pyuysig/423b15c69e3cd851c1e24c1312a0551a exploit

gist.github.com/pyuysig/423b15c69e3cd851c1e24c1312a0551a

cve.org (CVE-2026-39196)

nvd.nist.gov (CVE-2026-39196)

Download JSON