Every CVE whose affected-product data names Apache Seatunnel, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2023-48396 — CVSS 9.1 (critical): Web Authentication vulnerability in Apache SeaTunnel. Since the jwt key is hardcoded in the application, an attacker can forge any token to…
CVE-2023-49198 — CVSS 7.5 (high): Mysql security vulnerability in Apache SeaTunnel. Attackers can read files on the MySQL server by modifying the information in the MySQL…
CVE-2025-32896 — CVSS 6.5 (medium): # Summary Unauthorized users can perform Arbitrary File Read and Deserialization attack by submit job using restful api-v1. # Details…