PT-2026-45695 · Apache · Apache Calcite
4Ra1N
+2
·
Published
2026-06-02
·
Updated
2026-06-02
·
CVE-2026-46718
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions
Apache Calcite versions 1.5.0 through 1.41
Description
An unsafe reflection issue exists where externally-controlled input can be used to select classes or code. Specifically, a user-controlled model can load arbitrary classes, which may lead to remote code execution.
Recommendations
Upgrade to version 1.42.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apache Calcite