Skip to main content

DataEase CVE-2026-50030

| EUVDEUVD-2026-44778 HIGH
SQL Injection (CWE-89)
2026-07-15 GitHub_M
7.1
CVSS 4.0 · Vendor: GitHub_M
Share

Severity by source

Vendor (GitHub_M) PRIMARY
7.1 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
6.5 MEDIUM

Network-reachable preview endpoint with low complexity but requires a low-privilege authenticated account (PR:L); read-only data disclosure gives C:H with I:N and A:N.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (GitHub_M).

CVSS VectorVendor: GitHub_M

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

4
Patch available
Jul 15, 2026 - 21:18 EUVD
Source Code Evidence Fetched
Jul 15, 2026 - 20:03 vuln.today
Analysis Generated
Jul 15, 2026 - 20:03 vuln.today
CVE Published
Jul 15, 2026 - 19:24 cve.org
HIGH 7.1

DescriptionCVE.org

DataEase is an open source data visualization and analysis tool. Prior to 2.10.23, DataEase SQL preview exposes DatasetDataApi.previewSql/previewSqlCheck through /de2api/datasetData/previewSql, accepts PreviewSqlDTO.sql, PreviewSqlDTO.datasourceId, and PreviewSqlDTO.isCross, then DatasetDataManage.previewSql stores decoded SQL in datasourceRequest.query and CalciteProvider.fetchResultField executes it with prepareStatement(...).executeQuery(), allowing arbitrary readable datasource tables to be queried and returned in preview responses. This issue is fixed in version 2.10.23.

AnalysisAI

Arbitrary SQL read access in DataEase before 2.10.23 lets authenticated users abuse the SQL preview feature (/de2api/datasetData/previewSql) to run attacker-supplied queries against any configured datasource. Because DatasetDataManage.previewSql passes the decoded PreviewSqlDTO.sql straight into datasourceRequest.query and CalciteProvider.fetchResultField executes it via prepareStatement().executeQuery(), an attacker can read any table the datasource account can access and receive the rows in the preview response. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Authenticate with low-privilege DataEase account
Delivery
POST crafted PreviewSqlDTO to /de2api/datasetData/previewSql
Exploit
Injected SQL stored in datasourceRequest.query
Execution
CalciteProvider executes via prepareStatement().executeQuery()
Impact
Read arbitrary datasource tables from preview response

Vulnerability AssessmentAI

Exploitation Requires an authenticated DataEase account (CVSS PR:L) with the ability to reach the SQL preview feature at /de2api/datasetData/previewSql and at least one configured datasource whose datasourceId the attacker can supply in PreviewSqlDTO. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N, base 7.1) describes a network-reachable, low-complexity attack that requires low-level privileges (PR:L) and yields high confidentiality impact but no integrity or availability impact - consistent with a read-only data exfiltration flaw rather than full RCE or data tampering. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A low-privilege authenticated DataEase user (or an attacker who has obtained any valid account) sends a crafted POST to /de2api/datasetData/previewSql with a PreviewSqlDTO whose sql field selects from a sensitive table and a valid datasourceId. DataEase decodes and executes the query via prepareStatement().executeQuery() and returns the rows in the preview response, exfiltrating data outside the user's authorized datasets. …
Remediation Vendor-released patch: upgrade to DataEase 2.10.23, which is the fixed release (https://github.com/dataease/dataease/releases/tag/v2.10.23); the corrective change is in commit 22930a493d900fe3d8084b3dd4c0125abdb2a847, which parameterizes SQL-variable default values via prepared statements in DeSqlparserUtils and SqlparserUtils. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours, enumerate all DataEase instances in your environment and verify versions; flag any instances running versions before 2.10.23 as critical priority. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2025-49003 CRITICAL POC
9.8 Jun 26

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, a threat actor m

CVE-2025-49002 CRITICAL POC
9.8 Jun 03

Auth bypass in DataEase via CVE-2025-49001 patch evasion. PoC available.

CVE-2025-49001 CRITICAL POC
9.8 Jun 03

Auth bypass in DataEase BI tool before 2.10.10.

CVE-2025-53005 CRITICAL POC
9.8 Jul 01

A remote code execution vulnerability in DataEase (CVSS 9.8). Risk factors: public PoC available.

CVE-2025-53004 CRITICAL POC
9.8 Jun 30

A remote code execution vulnerability in DataEase (CVSS 9.8). Risk factors: public PoC available.

CVE-2025-53006 CRITICAL POC
9.8 Jul 02

A remote code execution vulnerability in DataEase (CVSS 9.8). Risk factors: public PoC available.

CVE-2026-23958 CRITICAL POC
9.8 Jan 22

DataEase data visualization tool prior to 2.10.19 uses MD5-hashed passwords without salting, allowing attackers to crack

CVE-2024-46997 CRITICAL POC
9.8 Sep 23

DataEase is an open source data visualization analysis tool. Rated critical severity (CVSS 9.8), this vulnerability is r

CVE-2023-37258 CRITICAL POC
9.8 Jul 25

DataEase is an open source data visualization analysis tool. Rated critical severity (CVSS 9.8), this vulnerability is r

CVE-2023-33963 CRITICAL POC
9.8 Jun 01

DataEase is an open source data visualization and analysis tool. Rated critical severity (CVSS 9.8), this vulnerability

CVE-2023-28437 CRITICAL POC
9.8 Mar 25

Dataease is an open source data visualization and analysis tool. Rated critical severity (CVSS 9.8), this vulnerability

CVE-2022-39312 CRITICAL POC
9.8 Oct 25

Dataease is an open source data visualization analysis tool. Rated critical severity (CVSS 9.8), this vulnerability is r

Share

CVE-2026-50030 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy