Vulnerabilidades en Dataease
72 resultadosCVE-2025-24974HIGHDataEase Mysql JDBC Connection Parameters Not Being Verified Leads to Arbitrary File Read VulnerabilityEPSS 0.4%CVE-2026-33207HIGHDataEase SQL Injection VulnerabilityEPSS 0.3%CVE-2026-40900HIGHDataEase has SQL Injection via Stacked QueriesEPSS 0.3%CVE-2026-33083HIGHDataEase has SQL Injection in Order By ClauseEPSS 0.3%CVE-2026-33084HIGHDataEase has SQL Injection through its getFieldEnumObj EndpointEPSS 0.3%CVE-2026-33121HIGHDataEase has SQL Injection via Datasource Save FlowEPSS 0.3%CVE-2026-33082HIGHDataEase: SQL Injection in v2 Dataset ExportEPSS 0.3%CVE-2025-62421MEDIUMDataEase vulnerable to stored cross-site scripting via file upload bypassEPSS 0.3%CVE-2026-42463HIGHSQLBot: Unauthorized Access VulnerabilityEPSS 0.2%CVE-2026-5417MEDIUMDataease SQLbot Elasticsearch es_engine.py get_es_data_by_http server-side request forgeryEPSS 0.2%CVE-2026-32139MEDIUMDataease: Unfiltered active SVG content leads to Stored XSSEPSS 0.2%CVE-2025-15598MEDIUMDataease SQLBot JWT Token auth.py validateEmbedded signature verificationEPSS 0.2%