Lucene search
+L

38 matches found

NVD
NVD
added 3 days ago7 views

CVE-2026-62353

TDengine is a time-series database optimized for Internet of Things devices. Prior to 3.4.1.14, source/libs/parser/src/parTokenizer.c tGetToken incremented past a trailing backslash in a SQL string literal such as 'abc\ and read one byte beyond the null terminator, allowing an authenticated user...

5.4CVSS0.00247EPSS
Exploits0References1
NVD
NVD
added 3 days ago6 views

CVE-2026-62355

TDengine is an open source, time-series database optimized for Internet of Things devices. Prior to 3.4.1.15, a Data Reader adminuser on a TDengine Cloud DB instance could run create udf even though standard users should have read-only permissions for non-database objects and show dnodes and crea...

5.4CVSS0.00138EPSS
Exploits0References1
NVD
NVD
added 3 days ago5 views

CVE-2026-62349

TDengine is an open source, time-series database optimized for Internet of Things devices. In 3.4.1.6 and earlier, source/libs/parser/src/parUtil.c trimString checks space for only one byte before processing SQL string escape sequences %, , or \x, allowing a one-byte out-of-bounds write to the...

8.3CVSS0.00401EPSS
Exploits0References1
NVD
NVD
added 3 days ago7 views

CVE-2026-62350

TDengine is an open source, time-series database optimized for Internet of Things devices. Prior to 3.4.1.15, a user with create udf privilege could upload a crafted shared library and install it as a user-defined function, such as eval, then execute arbitrary C code on the TDengine server side...

7.2CVSS0.0037EPSS
Exploits0References1
NVD
NVD
added 3 days ago6 views

CVE-2026-62348

TDengine is a time-series database optimized for Internet of Things devices. Prior to 3.4.1.15, TDengine Enterprise allowed an authenticated low-privilege SQL user to run KILL SSMIGRATE against an active shared-storage migration because mndProcessKillSsMigrateReq called mndKillSsMigrate while the...

5.4CVSS0.00209EPSS
Exploits0References1
NVD
NVD
added 3 days ago5 views

CVE-2026-62351

TDengine is a time-series database optimized for Internet of Things devices. Prior to 3.4.1.15, source/libs/transport/src/transComm.c transDecompressMsg read STransCompMsg.contLen when pHead-comp == 1 without first validating that the RPC packet contained the 8-byte STransCompMsg structure, causi...

7.5CVSS0.00324EPSS
Exploits0References1
CVE
CVE
added 3 days ago10 views

CVE-2026-62351

TDengine before 3.4.1.15 is affected. In transDecompressMsg() within source/libs/transport/src/transComm.c, the code reads STransCompMsg.contLen when pHead->comp == 1 without first validating that the RPC packet contains the 8-byte STransCompMsg structure. This can cause an unauthenticated out...

7.5CVSS6.1AI score0.00324EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago32 views

CVE-2026-62348 TDengine: KILL SSMIGRATE missing authorization lets low-privilege users interrupt shared-storage migrations

TDengine is a time-series database optimized for Internet of Things devices. Prior to 3.4.1.15, TDengine Enterprise allowed an authenticated low-privilege SQL user to run KILL SSMIGRATE against an active shared-storage migration because mndProcessKillSsMigrateReq called mndKillSsMigrate while the...

5.4CVSS0.00209EPSS
Exploits0References1
CVE
CVE
added 3 days ago11 views

CVE-2026-62348

TDengine TDengine Enterprise prior to 3.4.1.15 is affected. An authenticated low-privilege SQL user could issue KILL SSMIGRATE against an active shared-storage migration because mndProcessKillSsMigrateReq called mndKillSsMigrate while the MND_OPER_SSMIGRATE_DB privilege check was commented out. ...

5.4CVSS6.1AI score0.00209EPSS
Exploits0References1
CVE
CVE
added 3 days ago8 views

CVE-2026-62349

TDengine 3.4.1.6 and earlier contains an off-by-one/write vulnerability in source/libs/parser/src/parUtil.c: trimString() only checks a single-byte space before handling SQL string escape sequences (%, _, or \x), enabling a one-byte out-of-bounds write to the stack buffer tmpTokenBuf. This can le...

8.3CVSS6.3AI score0.00401EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago34 views

CVE-2026-62350 TDengine: UDF lead to RCE

TDengine is an open source, time-series database optimized for Internet of Things devices. Prior to 3.4.1.15, a user with create udf privilege could upload a crafted shared library and install it as a user-defined function, such as eval, then execute arbitrary C code on the TDengine server side...

7.2CVSS0.0037EPSS
Exploits0References1
CVE
CVE
added 3 days ago10 views

CVE-2026-62350

TDengine (open-source time-series DB) -- vulnerability CVE-2026-62350 allows a user with create_udf privilege to upload a crafted shared library, install it as a UDF (e.g., eval), and execute arbitrary C code on the server via queries. Root cause: improper validation of UDF loading/execution lead...

7.2CVSS6.3AI score0.0037EPSS
Exploits0References1
CVE
CVE
added 3 days ago8 views

CVE-2026-62355

TDengine (TDengine Cloud DB) prior to 3.4.1.15 had a permission issue where a Data Reader admin_user could run create udf and access non-database objects, despite read-only intent for standard users. The vulnerability impact is limited to unauthorized creation of user-defined functions and relate...

5.4CVSS6.1AI score0.00138EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 3 days ago8 views

PT-2026-60267

Name of the Vulnerable Software and Affected Versions TDengine versions prior to 3.4.1.15 Description An unauthenticated out-of-bounds read, uncontrolled allocation, and integer underflow can occur when the server processes malformed RPC packets. This happens because the transDecompressMsg functi...

7.5CVSS5.3AI score0.00324EPSS
Exploits0References3
NVD
NVD
added 2026/06/10 10:16 p.m.12 views

CVE-2026-42542

TDengine is an open source, time-series database optimized for Internet of Things devices. In versions 3.4.0.0 through 3.4.1.5, an unauthenticated remote attacker can crash the taosd server process by sending a single crafted RPC packet. No credentials or prior session state are required. Version...

7.5CVSS0.00539EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/06/10 8:32 p.m.32 views

CVE-2026-42542 TDengine has an integer underflow in uvConnMayGetUserInfo() allows unauthenticated remote crash (DoS)

TDengine is an open source, time-series database optimized for Internet of Things devices. In versions 3.4.0.0 through 3.4.1.5, an unauthenticated remote attacker can crash the taosd server process by sending a single crafted RPC packet. No credentials or prior session state are required. Version...

7.5CVSS0.00539EPSS
Exploits1References2
CVE
CVE
added 2026/06/10 8:32 p.m.39 views

CVE-2026-42542

CVE-2026-42542 affects TDengine versions 3.4.0.0–3.4.1.5. An unauthenticated remote attacker can cause a denial of service by sending a single crafted RPC packet, triggering an integer underflow in uvConnMayGetUserInfo() and crashing the taosd server. Impact is limited to availability (A) with ne...

7.5CVSS5.5AI score0.00539EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/10 8:32 p.m.10 views

CVE-2026-42542 TDengine has an integer underflow in uvConnMayGetUserInfo() allows unauthenticated remote crash (DoS)

TDengine is an open source, time-series database optimized for Internet of Things devices. In versions 3.4.0.0 through 3.4.1.5, an unauthenticated remote attacker can crash the taosd server process by sending a single crafted RPC packet. No credentials or prior session state are required. Version...

7.5CVSS5.5AI score0.00539EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/10 8:32 p.m.16 views

EUVD-2026-36136

TDengine is an open source, time-series database optimized for Internet of Things devices. In versions 3.4.0.0 through 3.4.1.5, an unauthenticated remote attacker can crash the taosd server process by sending a single crafted RPC packet. No credentials or prior session state are required. Version...

7.5CVSS5.5AI score0.00539EPSS
Exploits1References2
OSV
OSV
added 2026/06/10 8:32 p.m.2 views

CVE-2026-42542 TDengine has an integer underflow in uvConnMayGetUserInfo() allows unauthenticated remote crash (DoS)

TDengine is an open source, time-series database optimized for Internet of Things devices. In versions 3.4.0.0 through 3.4.1.5, an unauthenticated remote attacker can crash the taosd server process by sending a single crafted RPC packet. No credentials or prior session state are required. Version...

7.5CVSS6AI score0.00539EPSS
Exploits1References4
Rows per page
Query Builder