Lucene search
K

5 matches found

Vulnrichment
Vulnrichment
added 2026/04/16 7:37 p.m.3 views

CVE-2026-33207 DataEase SQL Injection Vulnerability

DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the /datasource/getTableField endpoint. The getTableFiledSql method in CalciteProvider.java incorporates the tableName parameter directly into SQL query string...

8.6CVSS6AI score0.00349EPSS
Exploits1References2
CVE
CVE
added 2026/04/16 6:16 p.m.13 views

CVE-2026-33121

DataEase (open-source data visualization/analytics) has a SQL injection in the API datasource Save flow affecting versions 2.10.20 and earlier. The deTableName field from the Base64-encoded datasource configuration is used to build a DDL statement via simple string replacement without sanitizatio...

8.8CVSS6AI score0.00328EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2026/04/16 6:14 p.m.4 views

EUVD-2026-23284

DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the sort parameter of the /de2api/datasetData/enumValueObj endpoint. The DatasetDataManage service layer directly transfers the user-supplied sort value to the...

8.7CVSS6AI score0.00328EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/04/16 5:39 p.m.6 views

CVE-2026-33082

DataEase is an open source data visualization analysis tool. Versions 2.10.20 and below contain a SQL injection vulnerability in the dataset export functionality. The expressionTree parameter in POST /de2api/datasetTree/exportDataset is deserialized into a filtering object and passed to...

8.7CVSS6AI score0.00325EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2026/04/16 12:0 a.m.10 views

DataEase 安全漏洞

DataEase is an open-source data visualization and analysis tool developed by DataEase. It helps users quickly analyze data and gain insights into business trends, thereby enabling improvements and optimizations in their businesses. DataEase versions 2.10.20 and earlier contain security...

8.8CVSS5.9AI score0.00328EPSS
Exploits1References1
Rows per page
Query Builder