CVE-2025-62728 | Apache Hive up to 4.1.x HMS Thrift API sql injection

A vulnerability was found in Apache Hive up to 4.1.x. It has been classified as critical. Affected by this vulnerability is an unknown functionality of the component HMS Thrift API. Performing manipulation results in sql injection.

This vulnerability is reported as CVE-2025-62728. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More