Tag

Cve-2026-29080

1 brief RSS

Rucio SQL Injection Vulnerability in DID Search API

A SQL injection vulnerability exists in the Oracle path of `FilterEngine.create_sqla_query` in Rucio, allowing any authenticated user to execute arbitrary SQL against the backend database via the DID search endpoint, potentially leading to full database compromise and data exfiltration.

rucio sql-injection cve-2026-29080 web-application

2r 8t 1h ago