CVE-2026-25644

Name of the Vulnerable Software and Affected Versions DataHub versions prior to 1.3.1.8

Description DataHub, an open-source metadata platform, has an issue in its LDAP ingestion source. Specifically, versions before 1.3.1.8 are susceptible to a man-in-the-middle (MITM) attack due to a TLS downgrade. This allows an attacker to intercept and potentially modify communications between the DataHub platform and the LDAP server.

Recommendations Update to DataHub version 1.3.1.8 or later.