CVE-2026-44501— DataHub OIDC REDIRECT_URL Cookie Deserialization Vulnerability
Possible ATT&CK Techniques 1AI
T1190 · Exploit Public-Facing ApplicationAffected Version Matrix 1
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| datahub-project | datahub | < 1.5.0.3 | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-44501
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
DataHub OIDC REDIRECT_URL Cookie Deserialization Vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
DataHub is an open-source metadata platform. Prior to 1.5.0.3, The DataHub frontend (datahub-frontend-react) deserializes attacker-controlled Java objects from the REDIRECT_URL HTTP cookie during the OIDC callback flow, with no integrity protection (no HMAC, no encryption). This is a Deserialization of Untrusted Data vulnerability (CWE-502) affecting the GET /callback/oidc endpoint. Successful exploitation requires a valid user account in the configured OIDC identity provider This vulnerability is fixed in 1.5.0.3.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
可信数据的反序列化
Source: NVD (National Vulnerability Database)
Vulnerability Title
DataHub 代码问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
DataHub是datahub-project开源的一个现代数据栈的元数据平台。 DataHub 1.5.0.3之前版本存在代码问题漏洞,该漏洞源于DataHub前端在OIDC回调流程中从REDIRECT_URL HTTP cookie反序列化攻击者控制的Java对象,且无完整性保护,导致反序列化不可信数据漏洞。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| datahub-project | datahub | < 1.5.0.3 | - |
II. Public POCs for CVE-2026-44501
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-44501
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same product: datahub
- CVE-2026-25644
DataHub's LDAP Ingestion Source vulnerable to MITM attack th - CVE-2024-22409
Default Privileges allow for high level operations for low p - CVE-2023-47640
Insecure Use of HMAC-SHA1 For Session Signing in datahub - CVE-2023-47628
Session Expiration Misconfiguration in datahub - CVE-2023-47629
Privilege escalation through email sign-up in datahub
Same vendor: datahub-project
- CVE-2026-25644
DataHub's LDAP Ingestion Source vulnerable to MITM attack th - CVE-2024-22409
Default Privileges allow for high level operations for low p - CVE-2023-47640
Insecure Use of HMAC-SHA1 For Session Signing in datahub - CVE-2023-47628
Session Expiration Misconfiguration in datahub - CVE-2023-47629
Privilege escalation through email sign-up in datahub
Same weakness: CWE-502
- CVE-2026-8751
h2oai h2o-3 JAR Model.java importBinaryModel deserialization - CVE-2026-8735
Oinone Pamirs appConfigQuery PamirsParserConfig.java JsonUti - CVE-2026-1184
Deserialization of Untrusted Data in GitLab - CVE-2026-41957
BIG-IP and BIG-IQ Configuration utility vulnerability - CVE-2026-7635
coreActivity: Activity Logging for WordPress <= 3.0 - Unauth
V. Comments for CVE-2026-44501
No comments yet