CVE-2026-32966

medium Apache
Published: June 17, 2026 (22 days ago)
Last Modified: June 17, 2026
Vendor: Apache
Source: MITRE

Description

DataSource API Missing Authorization Check Leads to Arbitrary Data Source Metadata Disclosure in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue.

CWE

CWE-863

Affected Products

Apache Software Foundation Apache DolphinScheduler

References