Unity Catalog is an open, multi-modal Catalog for data and AI. In 0.4.0 and earlier, a critical authentication bypass vulnerability exists in the Unity Catalog …

Critical authentication bypass vulnerability in Unity Catalog version 0.4.0 and earlier affects the token exchange endpoint (/api/1.0/unity-control/auth/tokens). The vulnerability allows attackers to bypass authentication by exploiting how the system handles JWT token validation. The endpoint extracts the issuer claim from incoming JWTs and dynamically fetches JWKS endpoints without validating that the issuer is a trusted identity provider. This flaw could allow unauthorized access to the Unity Catalog system. The vulnerability has been assigned CVE-2026-27478 and affects Unity Catalog's data and AI catalog functionality.