Apache Druid

CVE-2026-23906: Authentication Bypass Flaw Hits Apache Druid Analytics Clusters Apache Druid Vulnerability CVE-2026-23906

Apache Druid Vulnerability CVE-2026-23906

CVE-2026-23906: Authentication Bypass Flaw Hits Apache Druid Analytics Clusters

Do Son February 11, 2026

The Apache Software Foundation has released a security update for Apache Druid, the high-performance real-time analytics database,...

CVE-2025-27888: Apache Druid Flaw Opens Door to SSRF and XSS Risks in Real-Time Analytics Platforms

CVE-2025-27888

CVE-2025-27888: Apache Druid Flaw Opens Door to SSRF and XSS Risks in Real-Time Analytics Platforms

Do Son March 23, 2025

Apache has disclosed a critical security vulnerability in Apache Druid, a real-time analytics database widely used for...

Lucifer Botnet Exploits Apache Hadoop & Druid (CVE-2021-25646) for Cryptomining

Lucifer botnet

Lucifer Botnet Exploits Apache Hadoop & Druid (CVE-2021-25646) for Cryptomining

Do Son February 22, 2024

Security researchers at Aqua Nautilus have uncovered a sophisticated campaign exploiting misconfigurations and vulnerabilities in Apache Hadoop...