Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2026-42811— Apache Polaris: could broaden vended GCS credentials through unescaped identifier content in access-boundary CEL conditions

CVSS 9.9 · Critical EPSS 0.11% · P30
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-42811

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Apache Polaris: could broaden vended GCS credentials through unescaped identifier content in access-boundary CEL conditions
Source: NVD (National Vulnerability Database)
Vulnerability Description
In plain terms, Apache Polaris is supposed to issue short-lived GCS credentials that only work for one table's files, but a crafted namespace or table name can cause those credentials to work across the configured bucket instead. Apache Polaris builds Google Cloud Storage downscoped credentials by creating a Credential Access Boundary (CAB) with CEL conditions that are intended to restrict access to the requested table's storage path. The relevant CEL string is built from the bucket name and the table path. That table path is derived from namespace and table identifiers. In current code, that path appears to be inserted into the CEL expression without escaping. As a result, a namespace or table identifier containing a single quote and other URI-safe CEL fragments can break out of the intended quoted string and change the meaning of the CEL condition. In private testing against Polaris 1.4.0 on real Google Cloud Storage, it was confirmed that Polaris accepted a crafted identifier and returned delegated GCS credentials whose CEL path restriction had effectively collapsed. Those delegated credentials could then: - list another table's object prefix; - read another table's metadata control file (Iceberg metadata JSON); - create and delete an object under another table's object prefix; - and also list, read, create, and delete objects under an unrelated external prefix in the same bucket that was not part of any table path. That last point is important. The issue is not limited to "another table". In the confirmed setup, once Apache Polaris returned credentials for the crafted table, the path restriction inside the configured bucket was effectively gone. The practical effect is that temporary credentials for one crafted table can be broader than the table Polaris was asked to authorize, and can become effectively bucket-wide within the configured bucket. The current GCS testing used a Polaris principal with broad catalog privileges for setup. A separate least-privilege Polaris RBAC variant has not yet been tested on GCS. However, the storage-credential broadening behavior itself has been confirmed on GCS.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
表达式语言语句中使用的特殊元素转义处理不恰当(表达式语言注入)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Apache Polaris 输入验证错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Apache Polaris是Apache基金会的一个数据管理与查询服务组件。 Apache Polaris 1.4.0版本存在输入验证错误漏洞,该漏洞源于在构建Google Cloud Storage凭据访问边界时未转义命名空间或表标识符,可能导致凭据范围扩大至整个存储桶。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
Apache Software FoundationApache Polaris 0 ~ 1.4.1 -

II. Public POCs for CVE-2026-42811

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-42811

登录查看更多情报信息。

Same Patch Batch · Apache Software Foundation · 2026-05-04 · 17 CVEs total

CVE-2026-428109.9 CRITICALApache Polaris: could broaden vended S3 credentials through wildcard-bearing namespace or
CVE-2026-428099.9 CRITICALApache Polaris: staged table creation could vend storage credentials for unvalidated locat
CVE-2026-428129.9 CRITICALApache Polaris: No protection on `write.metadata.path`
CVE-2026-40682Apache OpenNLP: XXE via Dictionary Parsing in DictionaryEntryPersistor
CVE-2026-42027Apache OpenNLP: Arbitrary Class Instantiation via Model Manifest in ExtensionLoader
CVE-2026-42440Apache OpenNLP: OOM DoS via Unbounded Array Allocation in AbstractModelReader
CVE-2026-40563Apache Atlas: Script injection allows access to unintended data
CVE-2026-29169Apache HTTP Server: mod_dav_lock indirect lock crash
CVE-2026-23918Apache HTTP Server: http2: double free and possible RCE on early reset
CVE-2026-33006Apache HTTP Server: mod_auth_digest timing attack
CVE-2026-33007Apache HTTP Server: mod_authn_socache crash
CVE-2026-33523Apache HTTP Server: multiple modules: HTTP response splitting forwarding malicious status
CVE-2026-33857Apache HTTP Server: Off-by-one OOB reads in AJP getter functions
CVE-2026-34032Apache HTTP Server: mod_proxy_ajp: Heap Buffer Over-Read Due to Missing Null-Termination C
CVE-2026-34059Apache HTTP Server: mod_proxy_ajp: Heap Over-Read and memory disclosure in ajp_parse_data
CVE-2026-24072Apache HTTP Server: mod_rewrite elevation of privileges via ap_expr

IV. Related Vulnerabilities

Same product: Apache Polaris
Same vendor: Apache Software Foundation
Same weakness: CWE-917

V. Comments for CVE-2026-42811

No comments yet

Leave a comment