Out-of-Bounds Read Vulnerability in Apache IoTDB C++ Client
CVE-2026-40454

Currently unrated

Key Information:

Vendor

Apache

Vendor
CVE Published:
10 July 2026

What is CVE-2026-40454?

An out-of-bounds read vulnerability exists in the Apache IoTDB C++ client, where improper input validation can lead to crashes due to malformed server data. The affected versions of the client range from 1.3.5 to before 1.3.8 and from 2.0.5 to before 2.0.10. Users are advised to upgrade to version 2.0.10 to mitigate any related risks.

Affected Version(s)

Apache IoTDB C++ client 1.3.5 < 1.3.8

Apache IoTDB C++ client 2.0.5 < 2.0.10

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

bugbunny.ai
.