CVE-2026-41490
Awaiting Analysis Awaiting Analysis - Queue
SQL Injection in Dagster Dynamic Partition I/O Managers

Publication date: 2026-05-07

Last updated on: 2026-05-07

Assigner: GitHub, Inc.

Description
Dagster is an orchestration platform for the development, production, and observation of data assets. Prior to Dagster Core version 1.13.1 and prior to Dagster libraries version 0.29.1, the DuckDB, Snowflake, BigQuery, and DeltaLake I/O managers constructed SQL WHERE clauses by interpolating dynamic partition key values into queries without escaping. A user with the Add Dynamic Partitions permission could create a partition key that injects arbitrary SQL, which would execute against the target database backend under the I/O manager's credentials. Only deployments that use dynamic partitions are affected. Pipelines using static or time-window partitions are not impacted. This issue has been patched in Dagster Core version 1.13.1 and Dagster libraries version 0.29.1.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-07
Last Modified
2026-05-07
Generated
2026-06-17
AI Q&A
2026-05-07
EPSS Evaluated
2026-06-15
NVD
CVE-2026-41490
EUVD
EUVD-2026-28368
Affected Vendors & Products
Showing 6 associated CPEs
Vendor Product Version / Range
dagster dagster to 1.13.1 (exc)
dagster dagster_deltalake to 0.29.1 (exc)
dagster dagster_dagster to 1.13.1 (exc)
dagster dagster_bigquery to 1.13.1 (exc)
dagster dagster_duckdb to 1.13.1 (exc)
dagster dagster_snowflake to 1.13.1 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-89 The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-41490 is a SQL injection vulnerability in Dagster's I/O managers for DuckDB, Snowflake, BigQuery, and DeltaLake. The issue occurs because dynamic partition key values are directly interpolated into SQL WHERE clauses without proper escaping. This allows a user with the Add Dynamic Partitions permission to inject arbitrary SQL commands that execute with the I/O manager's database credentials.

Only deployments using dynamic partitions are affected; pipelines using static or time-window partitions are not impacted. The vulnerability has been fixed in Dagster Core version 1.13.1 and Dagster libraries version 0.29.1.

Impact Analysis

This vulnerability can lead to unauthorized execution of arbitrary SQL commands against the target database backend using the I/O manager's credentials. This can result in unauthorized data access or modification, compromising the confidentiality and integrity of your data.

The impact is high on confidentiality and integrity, but low on availability. It is particularly relevant in environments where users have the Add Dynamic Partitions permission, especially in multi-tenant or custom RBAC setups.

Detection Guidance

This vulnerability affects deployments of Dagster that use dynamic partitions with the DuckDB, Snowflake, BigQuery, or DeltaLake I/O managers. Detection involves identifying if your system uses dynamic partitions and if users have the Add Dynamic Partitions permission.

Since the vulnerability is due to SQL injection via unescaped dynamic partition keys, you can check for unusual or unexpected SQL queries executed by the I/O managers that include suspicious or malformed partition key values.

There are no specific commands provided in the resources to detect this vulnerability directly on your network or system.

Mitigation Strategies

The primary mitigation step is to upgrade Dagster Core to version 1.13.1 or later and Dagster libraries to version 0.29.1 or later, where the vulnerability has been patched by properly escaping dynamic partition key values.

Additionally, review and restrict the Add Dynamic Partitions permission to only trusted users, especially in multi-tenant or custom RBAC environments, to reduce the risk of SQL injection.

No configuration changes are required beyond upgrading and permission review.

Compliance Impact

This SQL injection vulnerability allows users with the Add Dynamic Partitions permission to execute arbitrary SQL commands under the I/O manager's credentials, potentially leading to unauthorized data access or modification.

Such unauthorized access or modification of data can impact the confidentiality and integrity of sensitive information, which are critical requirements under common standards and regulations like GDPR and HIPAA.

Organizations using affected versions of Dagster with dynamic partitions should review user permissions and assess exposure to ensure compliance with these regulations, as failure to do so could result in violations related to data protection and privacy.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-41490. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart