Skip to main content

Talend Jobserver

1 CVEs product

Monthly

CVE-2026-6264 CRITICAL PATCH Act Now

Unauthenticated remote code execution via JMX monitoring port affects Talend JobServer and Talend Runtime (CVSS 9.8). Attackers can exploit the exposed JMX interface without authentication to execute arbitrary code with JobServer privileges. Vendor-released patches available (Talend ESB Runtime R2024-07-RT). No confirmed active exploitation (CISA KEV status: NO), but the trivial attack complexity (AC:L) and network accessibility (AV:N) present significant risk for exposed instances. EPSS data not provided.

RCE Talend Jobserver Talend Runtime
NVD
CVSS 3.1
9.8
EPSS
0.2%
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Unauthenticated remote code execution via JMX monitoring port affects Talend JobServer and Talend Runtime (CVSS 9.8). Attackers can exploit the exposed JMX interface without authentication to execute arbitrary code with JobServer privileges. Vendor-released patches available (Talend ESB Runtime R2024-07-RT). No confirmed active exploitation (CISA KEV status: NO), but the trivial attack complexity (AC:L) and network accessibility (AV:N) present significant risk for exposed instances. EPSS data not provided.

RCE Talend Jobserver Talend Runtime
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy