CVE-2026-48114
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk29th percentile — higher than 29% of all known CVEs
Summary
Metacat is data repository software that contains an unauthenticated SQL injection vulnerability in the /harvesterRegistration endpoint in versions 2.0.0 and above. Exploiting this vulnerability allows full read/write/execute access in the Metacat database context.
Risk Assessment
This vulnerability may lead to unauthorized access and modification of data, posing a serious threat to the integrity and confidentiality of data within the organization.
Recommendation
It is recommended to upgrade to Metacat version 3.0.0 or newer to remediate this vulnerability. Additionally, implementing LDAP identity verification mechanisms is advisable for enhanced security.
Original NVD description (English source)
Metacat is data repository software that helps researchers preserve, share, and discover data. Versions 2.0.0 and and above contain an unauthenticated SQL injection in the /harvesterRegistration endpoint. HarvesterRegistration.dbInsert() builds an INSERT against HARVEST_SITE_SCHEDULE via string concatenation, using a quoteString() helper that performs raw single-quote wrapping without escaping. Three request parameters reach the sink: unit, contactEmail, and documentListURL. The servlet does not verify a real LDAP identity. Allowing the vulnerable insert to proceed. Since the PostgreSQL backend permits stacked queries via Statement.executeUpdate(), this vulnerability allows full read/write/execute access in the Metacat database context. The vulnerability was remediated in Metacat 3.0.0.

