CVE-2026-10622 PUBLISHED

CVE-2026-10622

Assigner: certcc
Reserved: 02.06.2026 Published: 02.06.2026 Updated: 02.06.2026

Improper Authentication in REST API in Collibra Agent, allows a remote unauthenticated attacker to access privileged functionality via exposed '/rest/* endpoints.

Product Status

Vendor Collibra
Product Collibra Platform (on-prem)
Versions
  • affected from 2026.03 to 2026.03.356 (excl.)
Vendor Collibra
Product Collibra Platform (on-prem)
Versions
  • affected from 2025.10 to 2025.10.399 (excl.)
Vendor Collibra
Product Collibra Platform (SaaS)
Versions
  • affected from 2026.04 to 2026.04.5 (excl.)
Vendor Collibra
Product Collibra Platform (SaaS)
Versions
  • affected from 2026.03 to 2026.03.4 (excl.)
Vendor Collibra
Product Collibra Platform (SaaS)
Versions
  • affected from 2026.02 to 2026.02.6 (excl.)
Vendor Collibra
Product Collibra Platform (SaaS)
Versions
  • affected from 2025.11 to 2025.11.7 (excl.)
Vendor Collibra
Product Collibra Platform (SaaS)
Versions
  • affected from 2025.10 to 2025.10.9 (excl.)

References

Problem Types

  • CWE-306 Missing Authentication for Critical Function
  • CWE-287 Improper Authentication