CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/03/10 2:8 p.m.•4 views

CVE-2026-24015

A vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.7, from 2.0.0 before 2.0.7. Users are recommended to upgrade to version 1.3.7 or 2.0.7, which fixes the issue...

vulnersOsv•added 2026/03/09 9:30 a.m.•2 views

org.apache.iotdb:customize-mqtt-example (>=1.0.0 <=1.3.3), org.apache.iotdb:influxdb-protocol (>=1.0.0 <=1.1.2) +12 more potentially affected by CVE-2026-24015 via org.apache.iotdb:iotdb-server (>=1.0.0 <=1.3.3)

org.apache.iotdb:iotdb-server MAVEN version =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.3.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.3.3 Source cves: CVE-2026-24015 Source advisory: SNYK:JAVA-ORGAPACHEIOTDB-15518632...

EUVD•added 2026/03/09 9:30 a.m.•2 views

Exploits0

EUVD-2026-10310

EUVD•added 2026/03/09 9:30 a.m.•3 views

EUVD-2026-10308

5.8AI score0.00025EPSS

OSV•added 2026/03/09 9:30 a.m.•1 views

GHSA-74CF-PGH9-M5Q2 Apache IoTDB has an Insecure Default Configuration Vulnerability

NVD•added 2026/03/09 9:16 a.m.•2 views

Exploits0References8

CVE-2026-24713

9.8CVSS0.0004EPSS

OSV•added 2026/03/09 9:16 a.m.•2 views

CVE-2026-24015

9.8CVSS5.8AI score

ATTACKERKB•added 2026/03/09 8:59 a.m.•1 views

CVE-2026-24713

CVE•added 2026/03/09 8:59 a.m.•5 views

CVE-2026-24713

CVE-2026-24713 is an Apache IoTDB issue described as an Improper Input Validation vulnerability that affects IoTDB releases prior to 1.3.7 and prior to 2.0.7 (i.e., 1.0.0–1.3.6 and 2.0.0–2.0.6). The connected CVE record additionally labels this as a JEXL Expression Injection vulnerability. Affect...

9.8CVSS5.8AI score0.0004EPSS

Vulnrichment•added 2026/03/09 8:59 a.m.•2 views

CVE-2026-24713 Apache IoTDB: JEXL Expression Injection Vulnerability

Vulnrichment•added 2026/03/09 8:57 a.m.•1 views

CVE-2026-24015 Apache IoTDB: Insecure Default Configuration Vulnerability

5.8AI score0.00025EPSS

ATTACKERKB•added 2026/03/09 8:57 a.m.•2 views

CVE-2026-24015

5.8AI score0.00025EPSS

CVE•added 2026/03/09 8:57 a.m.•8 views

CVE-2026-24015

CVE-2026-24015 affects Apache IoTDB and is described in connected records as an Insecure Default Configuration Vulnerability . Affected versions are IoTDB 1.0.0 up to, but not including, 1.3.7 and IoTDB 2.0.0 up to, but not including, 2.0.7. The recommended remediation is to upgrade to IoTDB 1.3....

Cvelist•added 2026/03/09 8:57 a.m.•28 views

CVE-2026-24015 Apache IoTDB: Insecure Default Configuration Vulnerability

0.00025EPSS

Positive Technologies•added 2026/03/09 12:0 a.m.•2 views

PT-2026-24020

CVE-2025-55017: Apache IoTDB: Path Traversal https://t.co/dRIraLBMg2 CVE-2025-64152: Apache IoTDB: Path Traversal https://t.co/fiMsybbd3I Two notifications of vulnerabilities non-described in the exact same way, but with slightly different affected and fixed version ranges...

5.8AI score

CNNVD•added 2026/03/09 12:0 a.m.•3 views

Apache IoTDB 安全漏洞

Apache IoTDB is an open source time series database developed by Apache Software Foundation for large-scale time series data storage and analysis in IoT scenarios. Apache IoTDB suffers from an improper input validation vulnerability. The vulnerability arises because the system does not perform...

9.8CVSS6.1AI score0.0004EPSS

Exploits0References3

Positive Technologies•added 2026/03/09 12:0 a.m.•1 views

PT-2026-24048

Positive Technologies•added 2026/03/09 12:0 a.m.•3 views

PT-2026-24047

Name of the Vulnerable Software and Affected Versions Apache IoTDB versions 1.0.0 through 1.3.6 Apache IoTDB versions 2.0.0 through 2.0.6 Description A security issue exists in Apache IoTDB. Users are advised to upgrade to a fixed version to address the problem. Recommendations Upgrade to version...