PT-2026-45765 · Undefined · Undefined
Published 2026-06-02 · Updated 2026-06-02 · CVE-2026-26847
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
A critical chain of vulnerabilities in the Collibra Platform Agent, including CVE-2026-26847 (improper authentication) and path traversal, allows remote, unauthenticated attackers to achieve Remote Code Execution (RCE).
Technical Breakdown:
- Vulnerability Chain: Attackers can exploit improperly authenticated REST endpoints (`/rest/*`) to gather information and then leverage path traversal by uploading a crafted ZIP archive.
- Impact: Arbitrary file write leading to RCE on the host system where the Collibra Agent (CP and CPSH) is installed.
- Exposure: The vulnerable web service binds to all available network interfaces, potentially increasing exposure regardless of configured restrictions.
- MITRE TTPs:
  - TA0001 - Initial Access: T1190 - Exploit Public-Facing Application (via unauthenticated REST endpoints).
  - TA0002 - Execution: T1059 - Command and Scripting Interpreter (implied by RCE via arbitrary file write).
Defense:
Prioritize patching Collibra Platform Agent installations immediately and ensure network access to the agent's service port is strictly controlled.
Affected Products
Undefined