Known Vulnerabilities for Cassandra by Apache
Listed below are 10 of the newest known vulnerabilities associated with "Cassandra" by "Apache".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-60090 json | PraisonAI before 4.6.78 fails to validate the caller-controlled dimension argument in the PGVector and Cassandra knowledge-st... | Not Provided | 2026-07-11 | 2026-07-14 |
| CVE-2026-47846 json | Bitnami Cassandra container images are affected by a retained default superuser vulnerability. When a custom administrator ac... | Not Provided | 2026-06-18 | 2026-06-18 |
| CVE-2026-40974 json | Spring Boot's Cassandra auto-configuration does not perform hostname verification when establishing an SSL connection to Cass... | Not Provided | 2026-04-28 | 2026-04-28 |
| CVE-2026-35588 json | Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, the Cassandra export module (`glance... | Not Provided | 2026-04-21 | 2026-04-21 |
| CVE-2026-33844 json | Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a n... | Not Provided | 2026-05-07 | 2026-06-01 |
| CVE-2026-33109 json | Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a n... | Not Provided | 2026-05-07 | 2026-05-08 |
| CVE-2026-32588 json | Not Provided | 2026-04-07 | 2026-04-15 | |
| CVE-2026-27315 json | Not Provided | 2026-04-07 | 2026-04-15 | |
| CVE-2026-27314 json | Not Provided | 2026-04-07 | 2026-04-15 | |
| CVE-2023-30601 json | Privilege escalation when enabling FQL/Audit logs allows user with JMX access to run arbitrary commands as the user running A... | 7.8 - HIGH | 2023-05-30 | 2023-06-05 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Apache | Cassandra | 4.0.0 | |||
| Application | Apache | Cassandra | 4.0.0 | |||
| Application | Apache | Cassandra | 4.0.0 | |||
| Application | Apache | Cassandra | 4.0.0 | |||
| Application | Apache | Cassandra | 4.0.0 | |||
| Application | Apache | Cassandra | 4.0.0 | |||
| Application | Apache | Cassandra | 3.9 | |||
| Application | Apache | Cassandra | 3.8 | |||
| Application | Apache | Cassandra | 3.7 | |||
| Application | Apache | Cassandra | 3.6 | |||
| Application | Apache | Cassandra | 3.5 | |||
| Application | Apache | Cassandra | 3.4 | |||
| Application | Apache | Cassandra | 3.3 | |||
| Application | Apache | Cassandra | 3.2.1 | |||
| Application | Apache | Cassandra | 3.2 | |||
| Application | Apache | Cassandra | 3.11.9 | |||
| Application | Apache | Cassandra | 3.11.8 | |||
| Application | Apache | Cassandra | 3.11.7 | |||
| Application | Apache | Cassandra | 3.11.6 | |||
| Application | Apache | Cassandra | 3.11.5 |