Lucene search
+L

7 matches found

CVE
CVE
added 2026/07/10 7:10 a.m.11 views

CVE-2026-40006

CVE-2026-40006 affects Apache IoTDB: when pipe_air_gap_receiver_enabled is true, the IoTDB AirGap pipe receiver accepts raw TCP connections on port 9780 without authentication. The readLength method reads an attacker-controlled 32-bit integer from the socket and passes it to new byte[length] with...

7.5CVSS6.1AI score0.00323EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/06 8:38 a.m.7 views

CVE-2026-24012

Uncontrolled Resource Consumption vulnerability in Apache IoTDB. Some interface fails to impose reasonable limits on the time span and aggregation interval of the query. An attacker can construct a request with extreme parameters e.g., a very large time range combined with a minimal interval. Thi...

7.5CVSS6AI score0.00546EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/03/09 9:30 a.m.5 views

EUVD-2026-10311

Improper Input Validation vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.7, from 2.0.0 before 2.0.7. Users are recommended to upgrade to version 1.3.7 or 2.0.7, which fixes the issue...

5.8AI score0.00662EPSS
Exploits0References2
NVD
NVD
added 2026/03/09 9:16 a.m.15 views

CVE-2026-24015

A vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.7, from 2.0.0 before 2.0.7. Users are recommended to upgrade to version 1.3.7 or 2.0.7, which fixes the issue...

9.8CVSS0.00584EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/09 12:0 a.m.5 views

PT-2026-24021

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.6, from 2.0.0 before 2.0.7. Users are recommended to upgrade to version 1.3.6 and 2.0.7, which fixes the issue...

5.7AI score0.00382EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2025/05/14 12:31 p.m.7 views

org.apache.iotdb:client-example (>=2.0.1-beta <=2.0.2-1), org.apache.iotdb:customize-mqtt-example (=2.0.1-beta) +8 more potentially affected by CVE-2025-26864 via org.apache.iotdb:node-commons (>=2.0.1-beta <=2.0.2-1)

org.apache.iotdb:node-commons MAVEN version =2.0.1-beta, =2.0.1-beta, =2.0.1-beta, =2.0.2-1 - org.apache.iotdb:iotdb-distribution =2.0.1-beta - org.apache.iotdb:iotdb-server =2.0.1-beta - org.apache.iotdb:pipe-count-point-processor-example =2.0.1-beta - org.apache.iotdb:trigger-example =2.0.1-bet...

7.5CVSS5.8AI score0.00709EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2023/02/03 12:0 a.m.7 views

The vulnerability of the iotdb-web-workbench component of the IoT database for Apache IoTDB allows a hacker to escalate their privileges.

The vulnerability of the iotdb-web-workbench component of the IoT database solution from Apache IoTDB is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow an attacker to enhance their privileges remotely...

7.5CVSS7.5AI score0.01245EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder