IPv6 Address Exposure in OpenObserve Cloud-Native Observability Platform
CVE-2026-39361

7.7HIGH

Key Information:

Vendor: Openobserve
Status: Openobserve
Vendor: CVE Published:; 7 April 2026

🔔 Create Openobserve Vulnerability Alert

What is CVE-2026-39361?

The validate_enrichment_url function in OpenObserve's observability platform allows attackers with authenticated access to exploit IPv6 address formatting issues. This opens pathways to internal services that should be secured from external access. On cloud setups, this vulnerability can facilitate unauthorized retrieval of IAM credentials across various cloud platforms, including AWS, GCP, and Azure. Furthermore, in self-hosted environments, attackers can probe internal network services, significantly heightening security risks.

Affected Version(s)

openobserve <= 0.70.3

References

https://github.com/openobserve/openobserve/security/advis...

x_refsource_CONFIRM

https://github.com/openobserve/openobserve/commit/d1a5d8f...

x_refsource_MISC

CVSS V3.1

Score:

7.7

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 7, 2026
Vulnerability Reserved
Apr 6, 2026

CVE-2026-39361 Data

JSON