CVE-2025-26864 | Apache IoTDB up to 1.3.3/2.0.2 OpenID Authentication log file

Inserito da Angelo Barbosa | Mag 14, 2025 | CVE

A vulnerability has been found in Apache IoTDB up to 1.3.3/2.0.2 and classified as problematic. This vulnerability affects unknown code of the component OpenID Authentication. The manipulation leads to sensitive information in log files.

This vulnerability was named CVE-2025-26864. The attack can only be initiated within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-26864 | Apache IoTDB up to 1.3.3/2.0.2 OpenID Authentication log file

Post correlati

CVE-2024-21877 | Enphase IQ Gateway prior 8.2.4225 URL Parameter path traversal

CVE-2023-51948 | actidata actiNAS SL 2U-8 RDX 3.2.03-SP1 /fm information disclosure

CVE-2023-7116 | WeiYe-Jing datax-web 2.1.2 HTTP POST Request /api/log/killJob processId os command injection

CVE-2023-42913 | Apple macOS up to 14.1 Remote Login Session permission