CVE-2026-3960 - Remote Code Execution in h2oai/h2o-3
CVE ID :CVE-2026-3960 Published : April 23, 2026, 10:16 a.m. | 1 hour, 30 minutes ago Description :A critical remote code execution vulnerability exists in the unauthenticated REST API endpoint /99/ImportSQLTable in H2O-3 version 3.46.0.9 and prior. The vulnerability arises due to insufficient
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Cosmetics giant Rituals discloses data breach affecting customers
- [CYBER] Over 300,000 Europeans' data on sale on dark web after December cyberattack on Eurail: Report
- [CYBER] Stuck in "Tutorial Hell": I know the theory of IDOR perfectly, but can't find anything in the wild. How do I bridge the gap?
- [CYBER] In my game you hack your company and can sell secrets for credits or keep them as leverage
- [CYBER] ServiceNow (NOW) Completes $7.75B Acquisition of Cyber Exposure Leader Armis
- [CYBER] Kelp DAO exploiter launders nearly all 75,700 in stolen ETH through THORchain