Browse all 9 CVE security advisories affecting Clickhouse. AI-powered Chinese analysis, POCs, and references for each vulnerability.
ClickHouse serves as an open-source column-oriented database management system optimized for real-time analytics and large-scale data processing. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation, often stemming from input validation flaws and improper access controls. While no major security incidents have been widely documented, the 9 recorded CVEs highlight potential risks in areas such as authentication mechanisms and query processing. Security characteristics include regular updates and a community-driven approach to patching, though users must remain vigilant about configuration hardening to mitigate exposure to known exploits.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-1385 | Fail input validation in clickhouse-library-bridge API could lead to RCE under specific configuration — ClickHouse OSSCWE-20 | 6.7 | - | 2025-03-20 |
This page lists every published CVE security advisory associated with Clickhouse. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.