Skip to main content

Tdengine

2 CVEs product

Monthly

CVE-2026-42542 HIGH PATCH This Week

Remote unauthenticated denial-of-service in TDengine versions 3.4.0.0 through 3.4.1.5 allows attackers to crash the taosd server process by sending a single crafted RPC packet, with no credentials or prior session state required. The flaw is a CWE-191 integer underflow (vendor tags also reference Integer Overflow) in RPC packet handling, fixed in version 3.4.1.6. No public exploit identified at time of analysis, and the CVE is not listed in CISA KEV.

Integer Overflow Denial Of Service Tdengine
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2023-38502 MEDIUM This Month

TDengine is an open source, time-series database optimized for Internet of Things devices. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Tdengine
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Remote unauthenticated denial-of-service in TDengine versions 3.4.0.0 through 3.4.1.5 allows attackers to crash the taosd server process by sending a single crafted RPC packet, with no credentials or prior session state required. The flaw is a CWE-191 integer underflow (vendor tags also reference Integer Overflow) in RPC packet handling, fixed in version 3.4.1.6. No public exploit identified at time of analysis, and the CVE is not listed in CISA KEV.

Integer Overflow Denial Of Service Tdengine
NVD GitHub VulDB
EPSS 1% CVSS 6.5
MEDIUM This Month

TDengine is an open source, time-series database optimized for Internet of Things devices. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Tdengine
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy