PT-2026-24048

Improper Input Validation vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.7, from 2.0.0 before 2.0.7. Users are recommended to upgrade to version 1.3.7 or 2.0.7, which fixes the issue...

Apache IoTDB 安全漏洞

Apache IoTDB is an integrated data management engine designed for time-series data by the Apache Foundation in the United States. It provides services for data collection, storage, and analysis. Versions of Apache IoTDB from 1.0.0 to 1.3.7, as well as from 2.0.0 to 2.0.7, have security...

PT-2026-24047

Name of the Vulnerable Software and Affected Versions Apache IoTDB versions 1.0.0 through 1.3.6 Apache IoTDB versions 2.0.0 through 2.0.6 Description A security issue exists in Apache IoTDB. Users are advised to upgrade to a fixed version to address the problem. Recommendations Upgrade to version...

Apache IoTDB 安全漏洞

Apache IoTDB is an open source time series database developed by Apache Software Foundation for large-scale time series data storage and analysis in IoT scenarios. Apache IoTDB suffers from an improper input validation vulnerability. The vulnerability arises because the system does not perform...

PT-2026-24020

CVE-2025-55017: Apache IoTDB: Path Traversal https://t.co/dRIraLBMg2 CVE-2025-64152: Apache IoTDB: Path Traversal https://t.co/fiMsybbd3I Two notifications of vulnerabilities non-described in the exact same way, but with slightly different affected and fixed version ranges...

Deserialization Of Untrusted Data

org.apache.iotdb:iotdb-confignode is vulnerable to Deserialization Of Untrusted Data. The vulnerability is due to insufficient validation of externally supplied serialized data, which allows an attacker to craft malicious serialized objects that can be deserialized to execute arbitrary code or...

Denial Of Service (DoS)

org.apache.iotdb, iotdb-core is vulnerable to a Denial-of-service DoS. The vulnerability is due to improper input validation that cause resource exhaustion, allows an attacker over the network to consume system resources and disrupt service...

EUVD-2025-14874

Malicious code in bioql PyPI...

EUVD-2022-0023

Malicious code in bioql PyPI...

EUVD-2023-0040

Malicious code in bioql PyPI...

EUVD-2023-0041

Malicious code in bioql PyPI...

EUVD-2024-0014

Malicious code in bioql PyPI...

EUVD-2022-0022

Malicious code in bioql PyPI...

EUVD-2022-0722

Malicious code in bioql PyPI...

EUVD-2024-36093

Malicious code in bioql PyPI...

EUVD-2022-0024

Malicious code in bioql PyPI...

EUVD-2023-0039

Malicious code in bioql PyPI...

EUVD-2023-0038

Malicious code in bioql PyPI...

CVE-2025-48392

A vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.3.3 through 1.3.4, from 2.0.1-beta through 2.0.4. Users are recommended to upgrade to version 2.0.5, which fixes the issue...

Improper Input Validation

Overview Affected versions of this package are vulnerable to Improper Input Validation via the process handling incoming requests. An attacker can cause the service to become unresponsive by sending specially crafted input. Remediation Upgrade org.apache.iotdb:iotdb-core to version 2.0.5 or highe...