Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2026-42810— Apache Polaris: could broaden vended S3 credentials through wildcard-bearing namespace or table names

CVSS 9.9 · Critical EPSS 0.11% · P30
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-42810

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Apache Polaris: could broaden vended S3 credentials through wildcard-bearing namespace or table names
Source: NVD (National Vulnerability Database)
Vulnerability Description
Apache Polaris accepts literal `*` characters in namespace and table names. When it later builds temporary S3 access policies for delegated table access, those same characters appear to be reused unescaped in S3 IAM resource patterns and `s3:prefix` conditions. In S3 IAM policy matching, `*` is treated as a wildcard rather than as ordinary text. That means temporary credentials issued for one crafted table can match the storage path of a different table. In private testing against Polaris 1.4.0 using Polaris' AWS S3 temporary- credential path on both MinIO and real AWS S3, credentials returned for crafted tables such as `f*.t1`, `f*.*`, `*.*`, and `foo.*` could reach other tables' S3 locations. The confirmed behavior includes: - reading another table's metadata control file ([Iceberg metadata JSON]); - listing another table's exact S3 table prefix ([table prefix]); - and, when write delegation was returned for the crafted table, creating and deleting an object under another table's exact S3 table prefix. A control case using ordinary different names did not allow the same cross-table access. A least-privilege AWS S3 variant was also confirmed in which the attacker principal had no Polaris permissions on the victim table and only the minimal permissions required to create and use a crafted wildcard table (namespace-scoped `TABLE_CREATE` and `TABLE_WRITE_DATA` on `*`). In that setup, direct Polaris access to `foo.t1` remained forbidden, but the attacker could still create and load `*.*`, receive delegated S3 credentials, and use those credentials to list, read, create, and delete objects under `foo.t1`. In Iceberg, the metadata JSON file is a control file: it tells readers which data files belong to the table, which snapshots exist, and which table version to read. So unauthorized access to it is already a meaningful confidentiality problem. The confirmed write-capable variant means the issue is not limited to disclosure.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
对输出编码和转义不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
Apache Polaris 输入验证错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Apache Polaris是Apache基金会的一个数据管理与查询服务组件。 Apache Polaris 1.4.0版本存在输入验证错误漏洞,该漏洞源于在命名空间和表名中接受字面星号字符且未转义,可能导致临时凭据匹配其他表的存储路径。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
Apache Software FoundationApache Polaris 0 ~ 1.4.1 -

II. Public POCs for CVE-2026-42810

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-42810

登录查看更多情报信息。

Same Patch Batch · Apache Software Foundation · 2026-05-04 · 17 CVEs total

CVE-2026-428119.9 CRITICALApache Polaris: could broaden vended GCS credentials through unescaped identifier content
CVE-2026-428099.9 CRITICALApache Polaris: staged table creation could vend storage credentials for unvalidated locat
CVE-2026-428129.9 CRITICALApache Polaris: No protection on `write.metadata.path`
CVE-2026-40682Apache OpenNLP: XXE via Dictionary Parsing in DictionaryEntryPersistor
CVE-2026-42027Apache OpenNLP: Arbitrary Class Instantiation via Model Manifest in ExtensionLoader
CVE-2026-42440Apache OpenNLP: OOM DoS via Unbounded Array Allocation in AbstractModelReader
CVE-2026-40563Apache Atlas: Script injection allows access to unintended data
CVE-2026-29169Apache HTTP Server: mod_dav_lock indirect lock crash
CVE-2026-23918Apache HTTP Server: http2: double free and possible RCE on early reset
CVE-2026-33006Apache HTTP Server: mod_auth_digest timing attack
CVE-2026-33007Apache HTTP Server: mod_authn_socache crash
CVE-2026-33523Apache HTTP Server: multiple modules: HTTP response splitting forwarding malicious status
CVE-2026-33857Apache HTTP Server: Off-by-one OOB reads in AJP getter functions
CVE-2026-34032Apache HTTP Server: mod_proxy_ajp: Heap Buffer Over-Read Due to Missing Null-Termination C
CVE-2026-34059Apache HTTP Server: mod_proxy_ajp: Heap Over-Read and memory disclosure in ajp_parse_data
CVE-2026-24072Apache HTTP Server: mod_rewrite elevation of privileges via ap_expr

IV. Related Vulnerabilities

Same product: Apache Polaris
Same vendor: Apache Software Foundation
Same weakness: CWE-116

V. Comments for CVE-2026-42810

No comments yet

Leave a comment