External risk intelligence

Attackers can take full control of H2O-3 systems, stealing data and disrupting services.

CVE advisory

Severity: CRITICAL (CVSS 9.8)

CVE-2026-3960

An unauthenticated flaw in H2O-3's import feature lets attackers run any code on your server, potentially stealing data or causing outages. Upgrade immediately to prevent this critical risk.

Halo Surface Signal score: 4

Weakness: Code Injection

Product: H2O

Affected versions: before 3.46.0.10

External exposure likelihood

Halo Surface Signal score for CVE-2026-3960

H2O-3 is a data science platform that exposes REST APIs for data operations. The vulnerability resides in an unauthenticated API endpoint. Because such instances are commonly deployed as web services to facilitate data ingestion and model serving, they frequently present an internet-facing surface in real-world environments.

Horizon Alert

Summary of the vulnerability and why it matters

This critical vulnerability allows unauthenticated attackers to execute arbitrary code on the H2O-3 server. The issue stems from weak security controls in an API endpoint that can be bypassed by manipulating JDBC parameters. This could lead to a complete compromise of the server.

  • Arbitrary code execution on the server.
  • Affects unauthenticated users.
  • Commonly exposed via the internet.

Attack Path

How an attacker could exploit the issue

An attacker can exploit this vulnerability by sending a specially crafted request to the unauthenticated `/99/ImportSQLTable` endpoint on an H2O-3 server. By manipulating JDBC parameters, the attacker can trick the server into executing arbitrary code with the privileges of the H2O-3 process. This bypasses the application's intended security checks, allowing for full system compromise.

  • Unauthenticated API access required.
  • Targets H2O-3 `ImportSQLTable` endpoint.
  • Bypasses parameter blacklist.

Live Threat

Current exploitation, exposure, and threat context

The current threat landscape suggests this critical vulnerability could be attractive to attackers. Exploiting an unauthenticated REST API endpoint with the potential for remote code execution is a direct path to compromising systems. The bypass mechanism involving JDBC URL manipulation indicates a sophisticated attack vector, which may deter less skilled actors but appeal to determined ones.

  • Exploits unauthenticated API endpoint.
  • Remote code execution capability.
  • Only versions before 3.46.0.10 are affected.

Priority actions

Operational Fix

Recommended remediation, mitigation, and detection steps

Prioritize blocking traffic to the `/99/ImportSQLTable` endpoint and upgrading H2O-3 to version 3.46.0.10 immediately. Given the critical severity and unauthenticated nature of this remote code execution vulnerability, if it is being actively exploited or a reliable public exploit exists, isolate or take affected services offline when patching is not feasible.

  • Upgrade H2O-3 to 3.46.0.10.
  • Block `/99/ImportSQLTable` API access.
  • Monitor for exploitation attempts.
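Two triage helpers for the steps above, added here as an example and not part of the advisory or the H2O-3 project: a numeric version check against the fixed release (plain string comparison ranks 3.46.0.9 above 3.46.0.10 and would miss vulnerable builds) and a scan of access-log lines for any request to the endpoint that should be blocked. The combined-log-format layout, the tolerated reverse-proxy prefix and the sample log lines are assumptions constructed for this example.

```python
"""Triage helpers for CVE-2026-3960 (H2O-3 /99/ImportSQLTable).
Added example; the log format and sample lines below are constructed."""
import re
from urllib.parse import urlsplit

FIXED_VERSION = (3, 46, 0, 10)   # first fixed release named in the advisory
ENDPOINT = "/99/ImportSQLTable"

# Assumed combined-log-format line:
# '<ip> - - [<ts>] "<method> <target> <proto>" <status> <bytes>'
_LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def parse_version(version: str) -> tuple:
    """'3.46.0.9' -> (3, 46, 0, 9): compare builds numerically, not as text.
    As strings '3.46.0.9' > '3.46.0.10', yet 3.46.0.9 is the older build."""
    return tuple(int(part) for part in version.strip().split("."))


def is_vulnerable_version(version: str) -> bool:
    """True when the reported H2O-3 version is before 3.46.0.10."""
    return parse_version(version) < FIXED_VERSION


def find_import_sql_table_requests(log_lines):
    """Return (ip, timestamp, method, status) for each hit on the endpoint.
    The query string is stripped first, and a reverse-proxy context prefix
    before '/99/ImportSQLTable' is tolerated (assumption)."""
    hits = []
    for line in log_lines:
        m = _LOG_RE.match(line)
        if not m:
            continue                      # skip lines in another format
        path = urlsplit(m["target"]).path
        if path.rstrip("/").endswith(ENDPOINT):
            hits.append((m["ip"], m["ts"], m["method"], int(m["status"])))
    return hits


# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Mar/2026:10:00:01 +0000] "POST /99/ImportSQLTable HTTP/1.1" 200 512',
    '198.51.100.3 - - [01/Mar/2026:10:00:05 +0000] "GET /3/Cloud HTTP/1.1" 200 2048',
    '203.0.113.7 - - [01/Mar/2026:10:00:09 +0000] "POST /h2o/99/ImportSQLTable?x=1 HTTP/1.1" 500 128',
]

if __name__ == "__main__":
    for hit in find_import_sql_table_requests(SAMPLE_LOG):
        print("ImportSQLTable request:", hit)
    print("3.46.0.9 vulnerable:", is_vulnerable_version("3.46.0.9"))
```

Any hit returned by the scan on a host still running a version the check flags as vulnerable is worth investigating regardless of the response status, since a failed attempt still shows the endpoint is reachable.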

Frequently asked questions

What is H2O-3 and what is it used for?

H2O-3 is a data science platform that enables users to perform machine learning and data analysis tasks. It is often used for tasks like building predictive models and analyzing large datasets, and it includes an API for interacting with its functionalities.

How does the CVE-2026-3960 vulnerability work?

CVE-2026-3960 is a critical vulnerability classified as a "remote code execution" weakness. It occurs because H2O-3 improperly validates parameters in its REST API, specifically the `/99/ImportSQLTable` endpoint. Attackers can exploit this by changing the database connection type and using specific parameters to bypass security checks and run their own code on the server.

What are the conditions for an attacker to exploit CVE-2026-3960?

An attacker needs to be able to send requests to the unauthenticated `/99/ImportSQLTable` API endpoint on a vulnerable H2O-3 server. The vulnerability is not triggered by simply accessing the API; it requires a specially crafted request that manipulates JDBC URL protocols and arguments to bypass security.

Who should be concerned about this H2O-3 vulnerability?

Organizations running H2O-3 versions prior to 3.46.0.10 should be concerned. According to Halo Surface Signal, this type of vulnerability is classified as 'Likely' to be internet-facing because H2O-3 is often deployed as a web service for data operations, making it accessible from the internet.

What is the first step to address CVE-2026-3960 in H2O-3?

The immediate first step is to upgrade H2O-3 to version 3.46.0.10 or later, as this version includes the fix for the vulnerability. If upgrading is not immediately possible, consider blocking access to the `/99/ImportSQLTable` API endpoint.
