Critical Apache Flink Vulnerability Enables Remote code execution Attacks

A newly disclosed critical vulnerability in Apache Flink, tracked as CVE-2026-35194, exposes distributed data processing environments to remote code execution (RCE) attacks via SQL injection flaws in the platform’s code generation engine. The flaw lies in Apache Flink’s SQL code-generation mechanism, where user-supplied input is improperly sanitized before being embedded in dynamically generated Java code. This […] The post Critical Apache Flink Vulnerability Enables Remote code execution Attacks appeared first on Cyber Security News.