Affected versions: - Apache Superset through 4.1.1
Description: Improper Authorization vulnerability in Apache Superset allows ownership takeover of dashboards, charts or datasets by authenticated users with read permissions. This issue affects Apache Superset: through 4.1.1. Users are recommended to upgrade to version 4.1.2 or above, which fixes the issue. Credit: João Marono (finder) Daniel Gaspar (remediation developer) References: https://superset.apache.org https://www.cve.org/CVERecord?id=CVE-2025-27696
