CVE-2026-10622

HIGH

Collibra Platform (on-prem) 2026.03-2026.03.355 & 2025.10-2025.10.398 - Unauthenticated REST API Auth Bypass

Title source: llm

Description

Improper Authentication in REST API in Collibra Agent, allows a remote unauthenticated attacker to access privileged functionality via exposed '/rest/* endpoints.

References (2)

Core 2

Core References

https://www.collibra.com/

https://kb.cert.org/vuls/id/873170

Scores

CVSS v3 8.2

EPSS 0.0044

EPSS Percentile 35.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

Status published

Products (7)

Collibra/Collibra Platform (on-prem) 2025.10 - 2025.10.399

Collibra/Collibra Platform (on-prem) 2026.03 - 2026.03.356

Collibra/Collibra Platform (SaaS) 2025.10 - 2025.10.9

Collibra/Collibra Platform (SaaS) 2025.11 - 2025.11.7

Collibra/Collibra Platform (SaaS) 2026.02 - 2026.02.6

Collibra/Collibra Platform (SaaS) 2026.03 - 2026.03.4

Collibra/Collibra Platform (SaaS) 2026.04 - 2026.04.5

Published Jun 02, 2026

Tracked Since Jun 02, 2026