Browse all 9 CVE security advisories affecting ClickHouse. AI-powered Chinese analysis, POCs, and references for each vulnerability.
ClickHouse serves as an open-source column-oriented database management system optimized for real-time analytics and large-scale data processing. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation, often stemming from input validation flaws and improper access controls. While no major security incidents have been widely documented, the 9 recorded CVEs highlight potential risks in areas such as authentication mechanisms and query processing. Security characteristics include regular updates and a community-driven approach to patching, though users must remain vigilant about configuration hardening to mitigate exposure to known exploits.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2019-16536 | Stack overflow leading to DoS can be triggered by a malicious authenticated client. — DBCWE-120 | 6.5AI | MediumAI | 2025-05-21 |
This page lists every published CVE security advisory associated with ClickHouse. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.