Back to CVE List

CVE-2026-47735

HIGH SEVERITY

Vulnerability Description

Arc has an authenticated arbitrary local-file read via DuckDB I/O functions that bypasses RBAC table-level checks

Vulnerability Details

Published Date

June 08, 2026

Last Modified

June 08, 2026

Source

GitHub

Vendor

go

Product

github.com/basekick-labs/arc

External References

Discussion (0)

Add Comment

No comments yet. Be the first!