NVD disclosure day

Published threat advisories for May 22, 2020

CVE advisoryKnown Exploit

CVE-2020-1956

Apache Kylin Command Injection Vulnerability.

Halo Surface Signal: 3 out of 5 — possibly public-facing.

Apache Kylin's REST APIs contain a vulnerability allowing unauthorized command execution on affected systems. This risk impacts organizations using the vulnerable versions, potentially compromising data and systems. The business risk involves attackers executing arbitrary commands without validation.

NVD published: • CISA KEV