CVE-2026-6213 | THREATINT

Description

A vulnerability in Remote Spark SparkView before build 1122 allows an attacker to bypasses the local connection check and achieve arbitrary code execution as root on the server side. Depending on implementation the vulnerability can be exploited by an unauthenticated attacker.

PUBLISHED Reserved 2026-04-13 | Published 2026-05-08 | Updated 2026-05-08 | Assigner NCSC.ch

CRITICAL: 10.0CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:A

Problem types

CWE-807 Reliance on untrusted inputs in a security decision

CWE-290 Authentication bypass by spoofing

Product status

Default status

unaffected

Any version before build 1122

affected

References

www.remotespark.com/view/new.html

cve.org (CVE-2026-6213)

nvd.nist.gov (CVE-2026-6213)

Download JSON