By weakness (CWE)
CWE-470: related vulnerabilities
CVEs classified under CWE-470. Understanding the weakness class helps prioritize systemic fixes over one-off patches.
1 published vulnerability
- CVE-2026-46718MEDIUM 6.5
Apache Calcite versions 1.5.0 through 1.41 contain a vulnerability that allows attackers to supply malicious input which the application then uses to dynamically load arbitrary Java classes. This unsafe reflection flaw requires only network access and no authentication, enabling remote attackers to potentially execute unintended code or access sensitive data. The vulnerability has been resolved in version 1.42.