CVE Catalog

CVE-2026-32967

CriticalCVSS 9.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.20%

10th percentile — higher than 10% of all known CVEs

Summary

Incorrect Authorization vulnerability of `/v2` experimental interface in Apache DolphinScheduler. This issue affects versions before 3.4.2.

Risk Assessment

Improper authorization may lead to unauthorized access to system functions, posing a risk to the organization's data security.

Recommendation

Users are recommended to upgrade to version 3.4.2, which fixes the issue.

Original NVD description (English source)

Incorrect Authorization vulnerability of `/v2` experimental interface in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS