All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2026-39196
CRITICALpublished 2026-06-15 20:16 UTC · 10 days ago · modified 2026-06-16 15:50 UTC
9.8
CVSS / 10
// description
Datadog, Inc Vector v0.54.0 was discovered to contain a SQL injection vulnerability in the set_uri_query parameter in the KeyPartitioner::partition function. This vulnerability allows attackers to access sensitive database information via crafted SQL statements.
// cvss 3.1 vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
// weaknesses (CWE)
- CWE-89