{"id":"CLEANSTART-2026-FG72002","summary":"Security fixes for CVE-2026-25990, CVE-2026-40192, CVE-2026-42308, CVE-2026-42309, CVE-2026-42310, CVE-2026-42311, CVE-2026-45409, CVE-2026-48522, CVE-2026-48524, CVE-2026-48525, CVE-2026-48526, ghsa-5xmw-vc9v-4wf2, ghsa-65pc-fj4g-8rjx, ghsa-cfh3-3jmp-rvhc, ghsa-pwv6-vv43-88gr, ghsa-r73j-pqj5-w3x7, ghsa-whj4-6x5x-4v2j, ghsa-wjx4-4jcj-g98j applied in versions: 6.0.0-r5","details":"Multiple security vulnerabilities affect the apache-superset package. These issues are resolved in later releases. See references for individual vulnerability details.","modified":"2026-07-13T08:45:06.750062503Z","published":"2026-07-13T06:29:31.585527Z","upstream":["CVE-2026-25990","CVE-2026-40192","CVE-2026-42308","CVE-2026-42309","CVE-2026-42310","CVE-2026-42311","CVE-2026-45409","CVE-2026-48522","CVE-2026-48524","CVE-2026-48525","CVE-2026-48526","ghsa-5xmw-vc9v-4wf2","ghsa-65pc-fj4g-8rjx","ghsa-cfh3-3jmp-rvhc","ghsa-pwv6-vv43-88gr","ghsa-r73j-pqj5-w3x7","ghsa-whj4-6x5x-4v2j","ghsa-wjx4-4jcj-g98j"],"database_specific":{},"references":[{"type":"ADVISORY","url":"https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-FG72002.json"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-25990"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-40192"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-42308"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-42309"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-42310"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-42311"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-45409"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-48522"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-48524"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-48525"},{"type":"WEB","url":"https://osv.dev/vulnerability/CVE-2026-48526"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-5xmw-vc9v-4wf2"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-65pc-fj4g-8rjx"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-cfh3-3jmp-rvhc"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-pwv6-vv43-88gr"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-r73j-pqj5-w3x7"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-whj4-6x5x-4v2j"},{"type":"WEB","url":"https://osv.dev/vulnerability/ghsa-wjx4-4jcj-g98j"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-25990"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40192"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42308"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42309"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42310"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42311"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-45409"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-48522"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-48524"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-48525"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-48526"}],"affected":[{"package":{"name":"apache-superset","ecosystem":"CleanStart"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.0.0-r5"}]}],"database_specific":{"source":"https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-FG72002.json"}}],"schema_version":"1.7.5"}