CVE-2026-23902 - Apache DolphinScheduler: Users are able to use tenants that are not defined on the platform during workflow execution.
CVE ID :CVE-2026-23902 Published : April 24, 2026, 10:56 a.m. | 57 minutes ago Description :Incorrect Authorization vulnerability in Apache DolphinScheduler allows authenticated users with system login permissions to use tenants that are not defined on the platform during workflow execution.
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] News Explorer — Aave Coordinates 'DeFi United' Push to Tackle KelpDAO Exploit Aftermath - Decrypt
- [CYBER] Locked Shields 2026: 41 Nations Strengthen Cyber Resilience in World’s Biggest Exercise
- [CYBER] This Firefox vulnerability may have been tracking all your private Tor identities – even in Private Mode
- [CYBER] Atlantic writer sued by Kash Patel says she’s been ‘inundated’ with new sources corroborating her reporting
- [CYBER] Elon Musk and Sam Altman’s court showdown will dish the dirt
- [CYBER] Hackers Exploit Agent ID Administrator Role to Hijack Service Principals