CVE Catalog
CVE-2026-32967
CriticalCVSS 9.1Exploitation Probability (EPSS)
Low risk0.20%
10th percentile — higher than 10% of all known CVEs
Summary
Incorrect Authorization vulnerability of `/v2` experimental interface in Apache DolphinScheduler. This issue affects versions before 3.4.2.
Risk Assessment
Improper authorization may lead to unauthorized access to system functions, posing a risk to the organization's data security.
Recommendation
Users are recommended to upgrade to version 3.4.2, which fixes the issue.
Original NVD description (English source)
Incorrect Authorization vulnerability of `/v2` experimental interface in Apache DolphinScheduler. This issue affects Apache DolphinScheduler: before 3.4.2. Users are recommended to upgrade to version 3.4.2, which fixes the issue.

