CVE-2026-41490
SQL Injection in Dagster Dynamic Partition I/O Managers
Publication date: 2026-05-07
Last updated on: 2026-05-07
Assigner: GitHub, Inc.
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dagster | dagster | up to 1.13.1 (excluding) |
| dagster | dagster_deltalake | up to 0.29.1 (excluding) |
| dagster | dagster_dagster | up to 1.13.1 (excluding) |
| dagster | dagster_bigquery | up to 1.13.1 (excluding) |
| dagster | dagster_duckdb | up to 1.13.1 (excluding) |
| dagster | dagster_snowflake | up to 1.13.1 (excluding) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
This SQL injection vulnerability allows users with the Add Dynamic Partitions permission to execute arbitrary SQL commands under the I/O manager's credentials, potentially leading to unauthorized data access or modification.
Such unauthorized access or modification of data can impact the confidentiality and integrity of sensitive information, which are critical requirements under common standards and regulations like GDPR and HIPAA.
Organizations using affected versions of Dagster with dynamic partitions should review user permissions and assess exposure to ensure compliance with these regulations, as failure to do so could result in violations related to data protection and privacy.
Can you explain this vulnerability to me?
CVE-2026-41490 is a SQL injection vulnerability in Dagster's I/O managers for DuckDB, Snowflake, BigQuery, and DeltaLake. The issue occurs because dynamic partition key values are interpolated directly into SQL WHERE clauses without proper escaping. A user with the Add Dynamic Partitions permission can therefore supply a partition key that is interpreted as SQL, and the resulting statements execute with the I/O manager's database credentials.
Only deployments using dynamic partitions are affected; pipelines using static or time-window partitions are not impacted. The vulnerability has been fixed in Dagster Core version 1.13.1 and Dagster libraries version 0.29.1.
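The interpolation pattern described above, beside a bound-parameter counterpart, as an added illustration that is neither Dagster's code nor its patch (the page says the upstream fix escapes the key; binding it as a parameter is the equivalent defensive pattern shown here). sqlite3 stands in for the real backends, and the table, rows and partition keys are constructed:

```python
import sqlite3


def make_db():
    # Constructed sample table standing in for an I/O manager's storage
    # backend (sqlite3 so the example runs offline; the real I/O managers
    # target DuckDB, Snowflake, BigQuery or DeltaLake).
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE events (partition TEXT, value INTEGER)")
    conn.executemany(
        "INSERT INTO events VALUES (?, ?)",
        [("o'brien", 1), ("acme", 2), ("acme", 3)],
    )
    return conn


def load_partition_unsafe(conn, partition_key):
    # Vulnerable pattern: the dynamic partition key is interpolated into the
    # WHERE clause, so any SQL metacharacter in the key changes the query.
    # A perfectly ordinary key such as o'brien already breaks the statement.
    sql = f"SELECT value FROM events WHERE partition = '{partition_key}'"
    return [row[0] for row in conn.execute(sql)]


def load_partition_safe(conn, partition_key):
    # Hardened pattern: the key travels as a bound parameter and is only ever
    # compared as data, whatever characters it contains.
    sql = "SELECT value FROM events WHERE partition = ?"
    return [row[0] for row in conn.execute(sql, (partition_key,))]


def demo(partition_key="o'brien"):
    # Runs both variants on the same key and reports what each one did.
    conn = make_db()
    results = {"safe": load_partition_safe(conn, partition_key)}
    try:
        results["unsafe"] = load_partition_unsafe(conn, partition_key)
    except sqlite3.OperationalError as exc:
        results["unsafe_error"] = type(exc).__name__
    return results


if __name__ == "__main__":
    print(demo())
```

The unsafe variant fails on a key containing a single quote, which is the symptom a reviewer should look for in any I/O manager that builds partition filters by string formatting.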
How can this vulnerability impact me?
This vulnerability can lead to unauthorized execution of arbitrary SQL commands against the target database backend using the I/O manager's credentials. This can result in unauthorized data access or modification, compromising the confidentiality and integrity of your data.
The impact is high on confidentiality and integrity, but low on availability. It is particularly relevant in environments where users have the Add Dynamic Partitions permission, especially in multi-tenant or custom RBAC setups.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability affects deployments of Dagster that use dynamic partitions with the DuckDB, Snowflake, BigQuery, or DeltaLake I/O managers. Detection involves identifying if your system uses dynamic partitions and if users have the Add Dynamic Partitions permission.
Since the vulnerability is SQL injection via unescaped dynamic partition keys, you can review the SQL queries issued by the I/O managers (for example in database query logs) for unusual statements or partition key values that contain quotes, comment markers, or other SQL syntax.
There are no specific commands provided in the resources to detect this vulnerability directly on your network or system.
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation step is to upgrade Dagster Core to version 1.13.1 or later and Dagster libraries to version 0.29.1 or later, where the vulnerability has been patched by properly escaping dynamic partition key values.
Additionally, review and restrict the Add Dynamic Partitions permission to only trusted users, especially in multi-tenant or custom RBAC environments, to reduce the risk of SQL injection.
No configuration changes are required beyond upgrading and permission review.