QSearchQSearch

CVE-2026-11618

7.3 HIGH

A vulnerability was determined in DTStack Taier up to 1.4.0

Published: 2026-06-09 · Last updated: 2026-06-09

Severity and scoring

CVSS
7.3 HIGH
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CWE
CWE-287

Description

A vulnerability was determined in DTStack Taier up to 1.4.0. The affected element is the function preHandle of the file taier-data-develop/src/main/java/com/dtstack/taier/develop/interceptor/LoginInterceptor.java of the component Source Connection Test Endpoint. Executing a manipulation can lead to improper authentication. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. This patch is called f95389e7f74acec42bcee079a616aaa06f9551d2. A patch should be applied to remediate this issue.

Source: NVD

References

Related CVEs

Same CWE

  • CVE-2026-47838 SubjectDnX509PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wr... (6.8 MEDIUM)
  • CVE-2026-49848 FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implem... (4.3 MEDIUM)
  • CVE-2026-49843 FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implem... (5.3 MEDIUM)
  • CVE-2026-44810 Improper authentication in Windows Cryptographic Services allows an unauthorized attacker to elevate privileges locally (8.4 HIGH)
  • CVE-2026-41720 Spring LDAP's DirContextAuthenticationStrategy implementations do not reject a bind request where a non-empty username is paired with an ... (7.4 HIGH)