Description
Code injection in SQL code generation in Apache Flink 1.15.0 through 1.20.x and 2.0.0 through 2.x allows authenticated users with query submission privileges to execute arbitrary code on TaskManagers via maliciously crafted SQL queries. The vulnerability affects JSON functions (1.15.0+) and LIKE expressions with ESCAPE clauses (1.17.0+). User-controlled strings are interpolated into generated Java code without proper escaping, allowing attackers to break out of string literals and inject arbitrary expressions.

Users are recommended to upgrade to either version 1.20.4, 2.0.2, 2.1.2 or 2.2.1, which fixes this issue.
Published: 2026-05-15
Score: 8.1 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Apache Flink compiles user-supplied SQL queries into generated Java code. The vulnerability arises because Flink's SQL code generator interpolates user-controlled strings into that Java code without proper escaping. An authenticated user with query submission rights can therefore break out of a string literal, inject arbitrary Java expressions, and have them executed on the TaskManager nodes. The impact is the ability to run arbitrary code on the cluster, leading to full system compromise.
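To make the mechanism concrete, the following is an added illustration (not Flink's own generator and not code from this advisory) of the CWE-94 pattern described above: a code generator that pastes a user-controlled string straight into Java source, beside one that emits a correctly escaped string literal, with a small scanner that shows the naive output no longer contains exactly one closed literal. The class name, method names and the `org.example.Udf.like` call target are assumptions.

```java
import java.util.Arrays;
import java.util.List;

/**
 * Added illustration of the CWE-94 pattern behind this advisory: a code generator that
 * pastes a user-controlled string into Java source, beside one that emits a correctly
 * escaped string literal. Not Flink's generator; all names here are assumed.
 */
public final class CodegenLiteralDemo {

    /** Naive generator: the untrusted value lands between the quotes unchanged. */
    static String naiveLiteral(String userValue) {
        return "\"" + userValue + "\"";
    }

    /**
     * Hardened generator: every character that could terminate the literal or the line
     * is escaped, so the generated source always contains exactly one closed literal.
     */
    static String escapedLiteral(String userValue) {
        StringBuilder sb = new StringBuilder(userValue.length() + 2).append('"');
        for (int i = 0; i < userValue.length(); i++) {
            char c = userValue.charAt(i);
            switch (c) {
                case '"':  sb.append("\\\""); break;
                case '\\': sb.append("\\\\"); break;
                case '\n': sb.append("\\n");  break;
                case '\r': sb.append("\\r");  break;
                case '\t': sb.append("\\t");  break;
                default:
                    // Remaining control and non-ASCII characters become Unicode escapes
                    // (backslash, u, four hex digits) so the emitted source is plain ASCII.
                    // Quote, backslash and line terminators are handled explicitly above
                    // because javac expands Unicode escapes before tokenising, so emitting
                    // them in that form would reintroduce the breakout.
                    if (c < 0x20 || c > 0x7e) {
                        sb.append(String.format("\\u%04x", (int) c));
                    } else {
                        sb.append(c);
                    }
            }
        }
        return sb.append('"').toString();
    }

    /** Stand-in for a generated call site such as a LIKE ... ESCAPE or JSON function. */
    static String generateCall(String userValue, boolean escape) {
        String literal = escape ? escapedLiteral(userValue) : naiveLiteral(userValue);
        return "org.example.Udf.like(input, " + literal + ")";
    }

    /**
     * Minimal string-literal scanner. Returns {closed, broken}: the number of correctly
     * closed literals and the number left open at end of input or cut by a line terminator
     * (which javac rejects). Output of the safe generator must always yield {1, 0}.
     */
    static int[] scanLiterals(String src) {
        int closed = 0, broken = 0;
        boolean open = false;
        for (int i = 0; i < src.length(); i++) {
            char c = src.charAt(i);
            if (!open) {
                if (c == '"') open = true;
            } else if (c == '\\') {
                i++;                            // an escaped character cannot close the literal
            } else if (c == '"') {
                open = false;
                closed++;
            } else if (c == '\n' || c == '\r') {
                open = false;
                broken++;
            }
        }
        if (open) broken++;
        return new int[] {closed, broken};
    }

    public static void main(String[] args) {
        // Constructed sample values: a quote, a backslash and a newline are all legal in an
        // ESCAPE clause or JSON path argument, yet each changes the shape of naive output.
        List<String> samples = Arrays.asList("O\"Brien", "C:\\temp\\", "line1\nline2");
        for (String s : samples) {
            int[] naive = scanLiterals(generateCall(s, false));
            String safe = generateCall(s, true);
            int[] esc = scanLiterals(safe);
            System.out.printf("naive: %d closed / %d broken   escaped: %d closed / %d broken   %s%n",
                    naive[0], naive[1], esc[0], esc[1], safe);
        }
    }
}
```

For every sample the naive path produces a literal that is either split in two or never closed, while the escaped path yields exactly one closed literal and the original characters survive as data. The scanner deliberately ignores javac's Unicode-escape preprocessing, which is exactly why the escaper never emits a quote, backslash or line terminator in that form. In a real generator, prefer a well-tested escaper such as `StringEscapeUtils.escapeJava` from Apache Commons Text over a hand-rolled one, and treat any value that reaches generated source as untrusted regardless of where in the SQL it originated.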

Affected Systems

Apache Flink, an Apache Software Foundation product, is affected in versions 1.15.0 through 1.20.x and 2.0.0 through 2.x. Deployments on 1.15.0 and later that use JSON functions, and on 1.17.0 and later that use LIKE expressions with ESCAPE clauses, are exposed.

Risk and Exploitability

The flaw gives remote code execution only to users who can already submit queries, so it requires authenticated privileges. Nevertheless, many Flink deployments grant such privileges to application developers or service accounts, which makes the attack surface large. The CVSS score of 8.1 indicates high severity. EPSS data is unavailable and the vulnerability is not listed in CISA KEV, but the absence of a publicly released exploit does not diminish the importance of patching. An attacker would craft a specially formed SQL statement that reaches the code generation path and injects Java code into the generated source.

Generated by OpenCVE AI on May 15, 2026 at 20:46 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Apache Flink to one of the fixed releases: 1.20.4, 2.0.2, 2.1.2 or 2.2.1.
  • Restrict query submission permissions to trusted users only to reduce the attack surface.
  • Audit existing SQL queries and monitor logs for anomalous patterns that could indicate injection attempts.

Generated by OpenCVE AI on May 15, 2026 at 20:46 UTC.

Advisories

No advisories yet.

History

Fri, 15 May 2026 22:30:00 +0000

  Type         Values Removed   Values Added
  References

Fri, 15 May 2026 19:15:00 +0000

  Type                  Values Removed   Values Added
  First Time appeared                    Apache
                                         Apache flink
  Vendors & Products                     Apache
                                         Apache flink
  Metrics                                cvssV3_1
                                         {'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N'}
                                         ssvc
                                         {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 15 May 2026 16:00:00 +0000

  Type         Values Removed   Values Added
  Description                   Code injection in SQL code generation in Apache Flink 1.15.0 through 1.20.x and 2.0.0 through 2.x allows authenticated users with query submission privileges to execute arbitrary code on TaskManagers via maliciously crafted SQL queries. The vulnerability affects JSON functions (1.15.0+) and LIKE expressions with ESCAPE clauses (1.17.0+). User-controlled strings are interpolated into generated Java code without proper escaping, allowing attackers to break out of string literals and inject arbitrary expressions. Users are recommended to upgrade to either version 1.20.4, 2.0.2, 2.1.2 or 2.2.1, which fixes this issue.
  Title                         Apache Flink: Remote code execution via SQL injection in code generation
  Weaknesses                    CWE-94
  References

MITRE

Status: PUBLISHED

Assigner: apache

Published:

Updated: 2026-05-15T21:23:25.726Z

Reserved: 2026-04-01T18:39:08.929Z

Link: CVE-2026-35194

Vulnrichment

Updated: 2026-05-15T21:23:25.726Z

NVD

Status: Received

Published: 2026-05-15T16:16:14.340

Modified: 2026-05-15T22:16:51.900

Link: CVE-2026-35194

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-15T21:00:09Z

Weaknesses