1. Apache Superset Flaw Enables Authenticated Attackers to Read Arbitrary Server Files via MariaDB
A critical input validation vulnerability in Apache Superset exposes affected installations to arbitrary file read attacks by authenticated users through specially crafted MariaDB connections. The flaw leverages the LOCAL_INFILE capability—a database feature disabled by default on MariaDB servers but potentially exploi...