Improper Authentication in REST API of Collibra Agent Exposes Security Flaw
CVE-2026-10622

Currently unrated

Key Information:

Vendor: Collibra
Status: Collibra Platform (on-prem); Collibra Platform (saas)
Vendor: CVE Published:; 2 June 2026

What is CVE-2026-10622?

The Collibra Agent contains an improper authentication issue within its REST API that can allow attackers, without any authentication, to gain access to privileged functionality. This vulnerability exposes specific endpoints ('/rest/*') which, if exploited, can lead to significant security risks. Organizations using Collibra Agent should take immediate action to secure their APIs and limit unauthorized access.

Affected Version(s)

Collibra Platform (on-prem) 2026.03 < 2026.03.356

Collibra Platform (on-prem) 2025.10 < 2025.10.399

Collibra Platform (SaaS) 2026.04 < 2026.04.5

References

https://www.collibra.com/

https://kb.cert.org/vuls/id/873170

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 2, 2026
Vulnerability Reserved
Jun 2, 2026

CVE-2026-10622 Data

JSON