CVE-2026-25957 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Cube is a semantic layer for building data applications. From 1.1.17 to before 1.5.13 and 1.4.2, it is possible to make the entire Cube API unavailable by submi…
Medium CVSS: 6.5

CVE-2026-25957

Cube is a semantic layer for building data applications. From 1.1.17 to before 1.5.13 and 1.4.2, it is possible to make the entire Cube API unavailable by submitting a specially crafted request to a Cube API endpoint. This vulnerability is fixed in 1.5.13 and 1.4.2.
Vendor
Cube
Product
Cube.js
CWE
CWE-755
Yayın Tarihi
2026-02-09 23:16:06
Güncelleme
2026-02-24 19:53:01
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-755 Cube.js MEDIUM Cube 2026

Referanslar

https://github.com/cube-js/cube/security/advisories/GHSA-9vph-2hvm-x66g