CVE-2025-26467 · HIGH 8.8 · EPSS p36.9%

Description

Privilege Defined With Unsafe Actions vulnerability in Apache Cassandra. A user with MODIFY permission ON ALL KEYSPACES can escalate privileges to superuser within a targeted Cassandra cluster via unsafe actions to a system resource. Operators granting data MODIFY permission on all keyspaces on affected versions should review data access rules for potential breaches. This issue affects Apache Cassandra 3.0.30, 3.11.17, 4.0.16, 4.1.7 and 5.0.2, but this advisory is only for 4.0.16, because the fix for CVE-2025-23015 was incorrectly applied to 4.0.16, so that version is still affected. Users in the 4.0 series are recommended to upgrade to version 4.0.17, which fixes the issue. Users of the 3.0, 3.11, 4.1 and 5.0 series should follow the recommendation from CVE-2025-23015.

Scoring

CVSS 3.1: 8.8 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.47% probability of exploitation · percentile 36.9% · 2026-06-19T12:03:05Z
Published: 2025-08-25
Last modified: 2025-08-26

Underlying weaknesses · 1

CWE-267

References

  1. https://lists.apache.org/thread/xxj36rr4d6mzyqpld05dn8b9951hfpz7

Type      Target                                              Confidence  Tier
Weakness  Privilege Defined With Unsafe Actions (CWE-267)     0%          live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  - CVE-2025-23015
  - CVE-2026-27314
  - CVE-2025-26511
  - CVE-2026-33109
  - CVE-2025-27696
  - CVE-2026-33844
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.