Skip to main content

DataEase CVE-2026-45535

| EUVDEUVD-2026-44782 HIGH
SQL Injection (CWE-89)
2026-07-15 GitHub_M
8.7
CVSS 4.0 · Vendor: GitHub_M
Share

Severity by source

Vendor (GitHub_M) PRIMARY
8.7 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
8.3 HIGH

Network-reachable with low complexity but requires an authenticated dataset-authoring account (PR:L); injection allows reading and altering DB data (C:H/I:H) with limited availability impact (A:L), no scope change.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N

Primary rating from Vendor (GitHub_M).

CVSS VectorVendor: GitHub_M

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

4
Patch available
Jul 15, 2026 - 21:18 EUVD
Source Code Evidence Fetched
Jul 15, 2026 - 20:05 vuln.today
Analysis Generated
Jul 15, 2026 - 20:05 vuln.today
CVE Published
Jul 15, 2026 - 19:39 cve.org
HIGH 8.7

DescriptionCVE.org

DataEase is an open source data visualization and analysis tool. Prior to 2.10.23, DataEase SQL-type datasets store attacker-controlled SQL variable defaultValue entries such as ${var} and SqlparserUtils.handleVariableDefaultValue() inserts them with String.replace() without escaping or parameterization, causing stored SQL injection whenever a user with dataset read permission accesses the dataset. This issue is fixed in version 2.10.23.

AnalysisAI

Stored SQL injection in DataEase (open source data visualization/BI tool) versions prior to 2.10.23 allows an authenticated user who can define SQL-type datasets to persist malicious SQL through variable defaultValue entries, which later execute against the backend database whenever any user with dataset read permission opens the dataset. The flaw (CWE-89) enables reading and modifying arbitrary database data, and CVSS 4.0 rates it 8.7 (High). …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Recon
Authenticate as dataset author
Delivery
Create SQL dataset with malicious ${var} defaultValue
Exploit
Store payload persists in dataset metadata
Install
Victim with read permission opens dataset
C2
Unescaped defaultValue concatenated into query
Execute
Injected SQL executes on backend DB
Impact
Exfiltrate or modify database data

Vulnerability AssessmentAI

Exploitation Requires an authenticated DataEase account with permission to create or edit SQL-type datasets, and the ability to set a SQL variable's defaultValue field (the exact attacker-controlled sink: ${var} entries processed by SqlparserUtils.handleVariableDefaultValue()). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:L/UI:N, VC:H/VI:H/VA:L, no scope change) describes a network-reachable, low-complexity attack requiring only low privileges - an authenticated user able to author or edit SQL datasets - and no user interaction, yielding a High 8.7 score. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A low-privileged DataEase user who can author SQL datasets creates one containing a variable whose defaultValue embeds a malicious SQL fragment (e.g. a subquery or UNION). …
Remediation Vendor-released patch: upgrade to DataEase 2.10.23, which replaces raw defaultValue concatenation with prepared-parameter binding (fix commit 22930a493d900fe3d8084b3dd4c0125abdb2a847, release https://github.com/dataease/dataease/releases/tag/v2.10.23). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours, inventory all DataEase instances and confirm whether any run versions prior to 2.10.23. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2025-49003 CRITICAL POC
9.8 Jun 26

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, a threat actor m

CVE-2025-49002 CRITICAL POC
9.8 Jun 03

Auth bypass in DataEase via CVE-2025-49001 patch evasion. PoC available.

CVE-2025-49001 CRITICAL POC
9.8 Jun 03

Auth bypass in DataEase BI tool before 2.10.10.

CVE-2025-53005 CRITICAL POC
9.8 Jul 01

A remote code execution vulnerability in DataEase (CVSS 9.8). Risk factors: public PoC available.

CVE-2025-53004 CRITICAL POC
9.8 Jun 30

A remote code execution vulnerability in DataEase (CVSS 9.8). Risk factors: public PoC available.

CVE-2025-53006 CRITICAL POC
9.8 Jul 02

A remote code execution vulnerability in DataEase (CVSS 9.8). Risk factors: public PoC available.

CVE-2026-23958 CRITICAL POC
9.8 Jan 22

DataEase data visualization tool prior to 2.10.19 uses MD5-hashed passwords without salting, allowing attackers to crack

CVE-2024-46997 CRITICAL POC
9.8 Sep 23

DataEase is an open source data visualization analysis tool. Rated critical severity (CVSS 9.8), this vulnerability is r

CVE-2023-37258 CRITICAL POC
9.8 Jul 25

DataEase is an open source data visualization analysis tool. Rated critical severity (CVSS 9.8), this vulnerability is r

CVE-2023-33963 CRITICAL POC
9.8 Jun 01

DataEase is an open source data visualization and analysis tool. Rated critical severity (CVSS 9.8), this vulnerability

CVE-2023-28437 CRITICAL POC
9.8 Mar 25

Dataease is an open source data visualization and analysis tool. Rated critical severity (CVSS 9.8), this vulnerability

CVE-2022-39312 CRITICAL POC
9.8 Oct 25

Dataease is an open source data visualization analysis tool. Rated critical severity (CVSS 9.8), this vulnerability is r

Share

CVE-2026-45535 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy