PatchSiren cyber security CVE debrief
CVE-2026-8750 h2oai CVE debrief
CVE-2026-8750 describes an information-disclosure issue in h2oai h2o-3, affecting the importFiles function in h2o-core/src/main/java/water/persist/PersistNFS.java as part of the ImportFile API. The CVE record indicates the issue can be triggered remotely and that a public exploit is available. Based on the published CVSS vector, the primary impact is confidentiality loss rather than integrity or availability impact.
- Vendor: h2oai
- Product: h2o-3
- CVSS: MEDIUM 5.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-05-17
- Original CVE updated: 2026-05-19
- Advisory published: 2026-05-17
- Advisory updated: 2026-05-19
Who should care
Operators and maintainers of h2oai h2o-3 deployments, especially environments exposing the ImportFile API to untrusted networks. Security teams should also care if the platform is embedded in broader analytics or ML workflows where file-access controls matter.
Technical summary
The CVE description attributes the flaw to importFiles in PersistNFS.java within h2o-core. The documented effect is information disclosure. NVD metadata shows AV:N/AC:L/PR:N/UI:N and VC:L, which is consistent with a remotely reachable issue that requires no privileges or user interaction and affects confidentiality. The source also lists CWE-200 and CWE-284 as primary weakness categories.
Defensive priority
Medium. The issue is publicly disclosed and the source notes a public exploit, so exposed deployments should be reviewed promptly even though the recorded CVSS severity is medium.
Recommended defensive actions
- Inventory h2oai h2o-3 instances and confirm whether versions up to 7402 are in use.
- Restrict network access to the ImportFile API and place it behind authentication, segmentation, or allowlisting where possible.
- Review file-import and file-access logging for unexpected requests or disclosure activity.
- Apply vendor guidance or upgrade paths when available; if no fix is available, mitigate by reducing exposure of the affected API.
- Treat exposed instances as higher priority because the source indicates a public exploit exists.
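One way to carry out the log-review action above, as an added example that is not part of the source advisory or of H2O's code. It assumes a reverse proxy in front of H2O writing combined-format access logs and the H2O-3 REST route `/3/ImportFiles` with a `path` query parameter; the networks, data root, and log lines are constructed placeholders.

```python
import ipaddress
import posixpath
import re
from urllib.parse import parse_qs, urlsplit
# Assumptions, not taken from the advisory: combined-format proxy logs, the
# /3/ImportFiles route with a "path" query parameter, and both allowlists.
IMPORT_ROUTE = "/3/ImportFiles"
ALLOWED_NETS = [ipaddress.ip_network("10.20.0.0/16")]
ALLOWED_ROOTS = ("/data/ml/",)
LOG_LINE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "\S+ (?P<target>\S+) [^"]*" \d{3}')

# Constructed sample lines for illustration only.
SAMPLE = [
    '10.20.4.7 - - [18/May/2026:09:12:01 +0000] "GET /3/ImportFiles?path=/data/ml/train.csv HTTP/1.1" 200 412',
    '10.20.4.7 - - [18/May/2026:09:13:40 +0000] "GET /3/ImportFiles?path=/home/svc/notes.txt HTTP/1.1" 200 388',
    '203.0.113.50 - - [18/May/2026:09:15:22 +0000] "GET /3/ImportFiles?path=/data/ml/test.csv HTTP/1.1" 200 401',
    '10.20.4.9 - - [18/May/2026:09:16:02 +0000] "GET /3/Frames HTTP/1.1" 200 9120',
]

def path_allowed(raw):
    """True if the normalized path sits under an approved data root."""
    norm = posixpath.normpath(raw)  # collapse "." and ".." before comparing
    return any((norm + "/").startswith(root) for root in ALLOWED_ROOTS)

def source_allowed(ip_text):
    """True if the client address parses and belongs to an approved network."""
    try:
        addr = ipaddress.ip_address(ip_text)
    except ValueError:
        return False
    return any(addr in net for net in ALLOWED_NETS)

def review(lines):
    """Return (timestamp, client, path, reasons) for import requests to triage."""
    findings = []
    for line in lines:
        m = LOG_LINE.match(line)
        url = urlsplit(m["target"]) if m else None
        if url is None or url.path != IMPORT_ROUTE:
            continue
        paths = parse_qs(url.query).get("path", [""])  # percent-decoded; missing path is flagged
        checks = [("source outside allowlist", source_allowed(m["ip"])),
                  ("path outside approved roots", all(map(path_allowed, paths)))]
        reasons = [label for label, ok in checks if not ok]
        if reasons:
            findings.append((m["ts"], m["ip"], paths[0], reasons))
    return findings
if __name__ == "__main__":
    print(*review(SAMPLE), sep="\n")
```

Requests that reach H2O without passing through the proxy do not appear in these logs, so the review only covers traffic on the restricted path.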
Evidence notes
This debrief is based on the CVE description and NVD metadata supplied in the source corpus. NVD lists the vulnerability status as Received and provides references to VulDB and related CTI pages. The published CVSS vector indicates network reachability, no privileges, no user interaction, and low confidentiality impact. No additional product-specific remediation details were present in the supplied sources.
Official resources
CVE published on 2026-05-17. The supplied source record does not include a fix date or vendor response, and it indicates the vendor was contacted early without response.