H2oai


Products by H2oai Sorted by Most Security Vulnerabilities since 2018

H2oai H2o 33 vulnerabilities

H2oaih2o 32 vulnerabilities

By the Year

In 2026 there have been 3 vulnerabilities in H2oai with an average score of 6.0 out of ten. H2oai did not have any published security vulnerabilities last year. That is, 3 more vulnerabilities have already been reported in 2026 as compared to last year.

| Year | Vulnerabilities | Average Score |
|------|-----------------|---------------|
| 2026 | 3 | 5.97 |
| 2025 | 0 | 0.00 |
| 2024 | 2 | 0.00 |

It may take a day or so for new H2oai vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent H2oai Security Vulnerabilities

CVE: CVE-2026-8752
Date: May 17, 2026
Vulnerability: H2O-3 Rapids SetProperty Improper Access Control Vulnerability
A weakness has been identified in h2oai h2o-3 up to 7402. This vulnerability affects the function exec of the file h2o-core/src/main/java/water/rapids/ast/prims/misc/AstSetProperty.java of the component Rapids setproperty Primitive Handler. Executing a manipulation can lead to improper access controls. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Products: H2o 3

CVE: CVE-2026-8751
Date: May 17, 2026
Vulnerability: Remote Deserialization in h2o-3 importBinaryModel (JAR Handler)
A security flaw has been discovered in h2oai h2o-3 up to 7402. This affects the function importBinaryModel of the file h2o-core/src/main/java/hex/Model.java of the component JAR Handler. Performing a manipulation results in deserialization. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Products: H2o 3

CVE: CVE-2026-8750
Date: May 17, 2026
Vulnerability: h2o-3 ImportFile API Info Disclosure via PersistNFS
A vulnerability was identified in h2oai h2o-3 up to 7402. Affected by this issue is the function importFiles of the file h2o-core/src/main/java/water/persist/PersistNFS.java of the component ImportFile API. Such manipulation leads to information disclosure. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
Products: H2o 3

CVE: CVE-2024-5979
Date: Jun 27, 2024
Vulnerability: H2O-3 3.46.0 run_tool CVE20245979: rapids exec water.tools class = DoS
In h2oai/h2o-3 version 3.46.0, the `run_tool` command in the `rapids` component allows the `main` function of any class under the `water.tools` namespace to be called. One such class, `MojoConvertTool`, crashes the server when invoked with an invalid argument, causing a denial of service.
Products: H2oaih2o 3

CVE: CVE-2024-5550
Date: Jun 06, 2024
Vulnerability: h2o-3 3.40.0.4 Path Disclosure via Typeahead API
In h2oai/h2o-3 version 3.40.0.4, an exposure of sensitive information vulnerability exists due to an arbitrary system path lookup feature. This vulnerability allows any remote user to view full paths in the entire file system where h2o-3 is hosted. Specifically, the issue resides in the Typeahead API call, which when requested with a typeahead lookup of '/', exposes the root filesystem including directories such as /home, /usr, /bin, among others. This vulnerability could allow attackers to explore the entire filesystem, and when combined with a Local File Inclusion (LFI) vulnerability, could make exploitation of the server trivial.
Products: H2oaih2o 3
Built by Foundeo Inc., with data from the National Vulnerability Database (NVD).