Security Advisory

CVE-2026-22244

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-08 15:12:51

Last updated 2026-01-08 15:54:36

Assigner GitHub_M

State PUBLISHED

Description

OpenMetadata is a unified metadata platform. Versions prior to 1.11.4 are vulnerable to remote code execution via Server-Side Template Injection (SSTI) in FreeMarker email templates. An attacker must have administrative privileges to exploit the vulnerability. Version 1.11.4 contains a patch.

← Browse all CVEs View on cve.org ↗