CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1 matches found

CVE•added 2026/04/16 7:37 p.m.•5 views

CVE-2026-33207

DataEase (open-source data visualization/analytics) contains a SQL injection in versions ≤ 2.10.20 at the /datasource/getTableField endpoint. The getTableFiledSql method concatenates the tableName into SQL via String.format without parameterization, and validation in DatasourceServer.py can be by...

8.8CVSS6.1AI score0.00039EPSS

Exploits1References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by