Description
Apache Superset utilizes a configurable dictionary, DISALLOWED_SQL_FUNCTIONS, to restrict the execution of potentially sensitive SQL functions within SQL Lab and charts. While this feature included restrictions for engines like PostgreSQL, a vulnerability was reported where the default list for the ClickHouse engine was incomplete.

This issue affects Apache Superset: before 4.1.2.

Users are recommended to upgrade to version 4.1.2, which fixes the issue.
Published: 2026-02-24
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Sensitive Data Exposure
Action: Upgrade Now
AI Analysis

Impact

Apache Superset allows users to run arbitrary SQL queries against backend databases through SQL Lab and chart creation. A configurable list of disallowed SQL functions is intended to prevent execution of sensitive operations. For ClickHouse, this list was incomplete, letting certain privileged functions run unfiltered. This flaw can lead to unauthorized disclosure of sensitive data stored in the ClickHouse database. The weakness is a classic example of SQL injection (CWE-89), where bypassing filters enables exposure of protected information.

Affected Systems

The vulnerability applies to Apache Superset deployments running any version prior to 4.1.2, regardless of the specific environment or hosting configuration. Systems using the ClickHouse engine in Superset should verify whether they fall under the affected version range.

Risk and Exploitability

The CVSS score of 5.3 indicates moderate severity, and the EPSS score of less than 1% suggests a low probability of exploitation at the time of analysis. The flaw is not listed in the CISA KEV catalog, so there is no current evidence of large-scale exploitation. Attackers would likely need user access to Superset's SQL Lab with the ability to input custom queries. With such access, they can craft queries that invoke the ClickHouse functions not covered by the filter and retrieve sensitive data. The risk increases where privileged users or anonymous access are permitted to submit queries.

Generated by OpenCVE AI on April 17, 2026 at 15:48 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Apply the official Superset patch by upgrading to version 4.1.2 or later.
  • After upgrading, confirm that the DISALLOWED_SQL_FUNCTIONS list for ClickHouse includes all sensitive functions intended to be blocked.
  • If an upgrade is temporarily infeasible, restrict ClickHouse query capabilities by limiting database permissions or disabling direct ClickHouse access for users who are not required to run queries.


Tracking


Advisories

Source: Github GHSA
ID: GHSA-48m2-v2r8-h23m
Title: Apache Superset: Incomplete DISALLOWED_SQL_FUNCTIONS default list for ClickHouse engine
History

Thu, 26 Feb 2026 16:30:00 +0000
  CPEs (values added): cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:*
  Metrics (values added): cvssV3_1 {'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N'}

Wed, 25 Feb 2026 12:00:00 +0000
  First Time appeared (values added): Apache; Apache superset
  Vendors & Products (values added): Apache; Apache superset

Tue, 24 Feb 2026 19:30:00 +0000
  References (values added)

Tue, 24 Feb 2026 15:15:00 +0000
  Metrics (values added): ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 24 Feb 2026 13:30:00 +0000
  Description (values added): Apache Superset utilizes a configurable dictionary, DISALLOWED_SQL_FUNCTIONS, to restrict the execution of potentially sensitive SQL functions within SQL Lab and charts. While this feature included restrictions for engines like PostgreSQL, a vulnerability was reported where the default list for the ClickHouse engine was incomplete. This issue affects Apache Superset: before 4.1.2. Users are recommended to upgrade to version 4.1.2, which fixes the issue.
  Title (values added): Apache Superset: Exposure of Sensitive Information via Incomplete ClickHouse Function Filtering
  Weaknesses (values added): CWE-89
  References (values added)
  Metrics (values added): cvssV4_0 {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: apache

Published:

Updated: 2026-02-24T18:19:35.336Z

Reserved: 2026-01-19T16:07:55.245Z

Link: CVE-2026-23969

Vulnrichment

Updated: 2026-02-24T18:19:35.336Z

NVD

Status: Analyzed

Published: 2026-02-24T14:16:22.623

Modified: 2026-02-26T16:27:28.420

Link: CVE-2026-23969

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T16:00:11Z

Weaknesses