CVE-2026-22244 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

OpenMetadata is a unified metadata platform. Versions prior to 1.11.4 are vulnerable to remote code execution via Server-Side Template Injection (SSTI) in FreeM…
High CVSS: 8.5

CVE-2026-22244

OpenMetadata is a unified metadata platform. Versions prior to 1.11.4 are vulnerable to remote code execution via Server-Side Template Injection (SSTI) in FreeMarker email templates. An attacker must have administrative privileges to exploit the vulnerability. Version 1.11.4 contains a patch.
Vendor
Open-metadata
Product
Openmetadata
CWE
CWE-1336
Yayın Tarihi
2026-01-08 16:16:02
Güncelleme
2026-01-15 21:14:29
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-1336 Openmetadata HIGH Open-metadata 2026

Referanslar

https://github.com/open-metadata/OpenMetadata/commit/bffe7c45807763f9b682021d4211c478d2a08bb3 https://github.com/open-metadata/OpenMetadata/security/advisories/GHSA-5f29-2333-h9c7 https://github.com/open-metadata/OpenMetadata/security/advisories/GHSA-5f29-2333-h9c7