Home

Description

Improper Handling of Insufficient Permissions or Privileges vulnerability in Apache Kylin. Improper authorization in job information retrieval, where an attacker may get access to unauthorized jobs in other projects. This issue affects Apache Kylin: from 4 through 5.0.3. Users are recommended to upgrade to version 5.0.4, which fixes the issue.

PUBLISHED Reserved 2026-07-14 | Published 2026-07-14 | Updated 2026-07-14 | Assigner apache

Problem types

CWE-280 Improper Handling of Insufficient Permissions or Privileges

Product status

Default status
unaffected

4 (semver)
affected

Credits

Yicheng <yyc2569580673@gmail.com> finder

Haoran Zhao finder

Lei Zhang finder

References

www.openwall.com/lists/oss-security/2026/07/14/6

lists.apache.org/thread/xg8dcyjw0nkq5y8dhq3r25x3rxc62x9j vendor-advisory

cve.org (CVE-2026-62393)

nvd.nist.gov (CVE-2026-62393)

Download JSON