Path Traversal Vulnerability in Apache IoTDB by Apache
CVE-2026-40005
Currently unrated
What is CVE-2026-40005?
A Path Traversal vulnerability in Apache IoTDB allows an attacker to write arbitrary files on the server where IoTDB operates, exploiting unsafe API methods. This can lead to unauthorized access to sensitive data or system files, particularly in scenarios where the IoTDB process has write permissions in unintended locations. Users are advised to upgrade to version 2.0.10 to mitigate this risk, ensuring their systems remain secure.
Affected Version(s)
Apache IoTDB 1.0.0 < 2.0.10