CVE-2026-46718

Summary

Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Apache Calcite.

This issue affects Apache Calcite: from 1.5.0 before 1.42.

Users are recommended to upgrade to version 1.42, which fixes the issue.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache Calcite1.5.0 < 1.42affected

Weaknesses

  • CWE-470: CWE-470 Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References