CRITICAL
NCEAS
CVE published 2026-06-15
CVE-2026-48114
A critical vulnerability was discovered in Metacat, a data repository software used for preserving, sharing, and discovering data. The issue, tracked as CVE-2026-48114, is an unauthenticated SQL injection vulnerability that affects versions 2.0.0 and above. The vulnerability is located in the /harvesterRegistration endpoint, where the HarvesterRegistration.dbInsert() function builds an INSERT statement ag [truncated]