- Description: Code injection in SQL code generation in Apache Flink 1.15.0 through 1.20.x and 2.0.0 through 2.x allows authenticated users with query submission privileges to execute arbitrary code on TaskManagers via maliciously crafted SQL queries. The vulnerability affects JSON functions (1.15.0+) and LIKE expressions with ESCAPE clauses (1.17.0+). User-controlled strings are interpolated into generated Java code without proper escaping, allowing attackers to break out of string literals and inject arbitrary expressions. Users are recommended to upgrade to either version 1.20.4, 2.0.2, 2.1.2 or 2.2.1, which fixes this issue.
- Source: security@apache.org
- NVD status: Analyzed
- Products: flink

CVSS 3.1
- Type: Secondary
- Base score: 8.1
- Impact score: 5.2
- Exploitability score: 2.8
- Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
- Severity: HIGH

- CWE-94 (source: security@apache.org)
[Vulnerability information] CVE-2026-35194: About the vulnerability in Apache Flink 1.15.0 through 1.20.x and 2.0.0 through 2.x https://t.co/gW091vZ73S #IT #Security #cybersecurity
@Teeeda_worker
30 May 2026
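Apache Flink vulnerability CVE-2026-35194 fixed: SQL code generation flaw and arbitrary code execution https://t.co/D2C8fr5rYU The cause of the Apache Flink vulnerability CVE-2026-35194 (RCE) lies in how the program running behind the scenes works. In Flink, from SQL, Ja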
@iototsecnews
26 May 2026
Apache Flink RCE Flaw (CVE-2026-35194) Exposes Clusters to Cyberattacks https://t.co/M3EfTbUpne #Cyberupdates #Cybertechnews #Cybersecurity
@TheCyberDef
17 May 2026
Apache Flink RCE Flaw (CVE-2026-35194) Exposes Clusters to Cyberattacks https://t.co/koGMbeHgqO #Cyberupdates #Cybertechnews #Cybersecurity
@CyberInsights1
17 May 2026
Apache Flink RCE Flaw (CVE-2026-35194) Exposes Clusters to Cyberattacks https://t.co/gOTJfI0d1Q #Cyberupdates #Cybertechnews #Cybersecurity
@cybrsecpath
17 May 2026
Apache Flink RCE Flaw (CVE-2026-35194) Exposes Clusters to Cyberattacks https://t.co/koGMbeHgqO #Cyberupdates #Cybertechnews #Cybersecurity
@CyberInsights1
16 May 2026
Apache Flink RCE Flaw (CVE-2026-35194) Exposes Clusters to Cyberattacks https://t.co/M3EfTbUpne #Cyberupdates #Cybertechnews #Cybersecurity
@TheCyberDef
16 May 2026
[
  {
    "nodes": [
      {
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:apache:flink:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "F1913CE8-6249-4A07-A8C4-6DC992CB43F3",
            "versionEndExcluding": "1.20.4",
            "versionStartIncluding": "1.15.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:apache:flink:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "FE1A86BF-0BCE-4731-8600-A460BFBE085F",
            "versionEndExcluding": "2.0.2",
            "versionStartIncluding": "2.0.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:apache:flink:*:*:*:*:*:*:*:*",
            "matchCriteriaId": "CD6E7A3C-71C6-4209-8EC3-E800F60BAA5D",
            "versionEndExcluding": "2.1.2",
            "versionStartIncluding": "2.1.0",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:apache:flink:2.2.0:-:*:*:*:*:*:*",
            "matchCriteriaId": "3B77D4A2-805C-4E37-9C9F-3B977F4C1857",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:apache:flink:2.2.0:rc1:*:*:*:*:*:*",
            "matchCriteriaId": "883F1C45-C050-4D9A-BA6D-1787CC67C4B2",
            "vulnerable": true
          },
          {
            "criteria": "cpe:2.3:a:apache:flink:2.2.0:rc2:*:*:*:*:*:*",
            "matchCriteriaId": "D3C268E9-29B9-4FF9-8008-FF942C9C8DDA",
            "vulnerable": true
          }
        ],
        "negate": false,
        "operator": "OR"
      }
    ]
  }
]