Apache Polaris — Vulnerabilities & Security Advisories 4

All 4 CVE vulnerabilities found in Apache Polaris, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2026-42810	Apache Polaris: could broaden vended S3 credentials through wildcard-bearing namespace or table names CWE-116	9.9	Critical	2026-05-04
CVE-2026-42811	Apache Polaris: could broaden vended GCS credentials through unescaped identifier content in access-boundary CEL conditions CWE-917	9.9	Critical	2026-05-04
CVE-2026-42809	Apache Polaris: staged table creation could vend storage credentials for unvalidated locations CWE-862	9.9	Critical	2026-05-04
CVE-2026-42812	Apache Polaris: No protection on `write.metadata.path` CWE-863	9.9	Critical	2026-05-04

All 4 known CVE vulnerabilities affecting Apache Polaris with full Chinese analysis, references, and POCs where available.