Remote Code Execution Vulnerability in DataEase by DataEase Technologies
CVE-2026-45534
9CRITICAL
What is CVE-2026-45534?
DataEase, an open-source data visualization and analysis tool, has a vulnerability that allows attacker-controlled configuration files to be loaded during JDBC connections. This results in a potential remote code execution path through specific methods in the Amazon Redshift driver, leading to serious security risks if not addressed. The issue has been mitigated in version 2.10.23.
Affected Version(s)
dataease < 2.10.23
