Vulnerabilities in dataease
72 results

CVE-2026-32950 | HIGH | SQLBot: RCE via SQL Injection in Excel Upload Endpoint | EPSS 0.9%
CVE-2023-37258 | HIGH | DataEase has a SQL injection vulnerability that can bypass blacklists | EPSS 0.9%
CVE-2024-55952 | HIGH | Dataease Redshift Data Source JDBC Connection Parameters Not Verified Leads to RCE Vulnerability | EPSS 0.9%
CVE-2024-52295 | CRITICAL | DataEase has a forged JWT token vulnerability | EPSS 0.8%
CVE-2025-49003 | HIGH | Dataease H2 JDBC Connection Remote Code Execution | EPSS 0.8%
CVE-2025-58748 | HIGH | Dataease H2 data source JDBC URL validation bypass leads to remote code execution | EPSS 0.8%
CVE-2026-32140 | CRITICAL | Dataease: Redshift JDBC RCE Bypass | EPSS 0.7%
CVE-2024-46985 | HIGH | DataEase has an XXE vulnerability | EPSS 0.7%
CVE-2025-58045 | HIGH | Dataease server-side request forgery via unfiltered DB2 JDBC ldap parameter | EPSS 0.6%
CVE-2023-40183 | HIGH | DataEase has a vulnerability to obtain user cookies | EPSS 0.6%
CVE-2026-40901 | HIGH | DataEase: Quartz Deserialization → Remote Code Execution | EPSS 0.6%
CVE-2023-34463 | HIGH | Unauthorized users can delete applications in DataEase | EPSS 0.6%
CVE-2026-33324 | CRITICAL | SQLBot prompt injection allows arbitrary SQL execution and remote code execution | EPSS 0.6%
CVE-2025-46566 | MEDIUM | Dataease redshift JDBC Connection Remote Code Execution | EPSS 0.6%
CVE-2023-35168 | MEDIUM | DataEase has a privilege bypass vulnerability | EPSS 0.6%
CVE-2024-47074 | CRITICAL | Dataease PostgreSQL Data Source JDBC Connection Parameters Not Verified Leads to Deserialization Vulnerability | EPSS 0.6%
CVE-2026-32622 | HIGH | SQLBot: Remote Code Execution via Terminology Poisoning | EPSS 0.6%
CVE-2024-31441 | HIGH | Arbitrary File Reading in DataEase | EPSS 0.6%
CVE-2025-15597 | MEDIUM | Dataease SQLBot API Endpoint assistant.py access control | EPSS 0.5%
CVE-2025-53006 | HIGH | Dataease PostgreSQL & Redshift Data Source JDBC Connection Parameters Bypass Vulnerability | EPSS 0.5%