CVE-2026-33121 | DataEase up to 2.10.20 API deTableName sql injection

Inserito da Angelo Barbosa | Apr 16, 2026 | CVE

A vulnerability classified as critical has been found in DataEase up to 2.10.20. Affected by this vulnerability is an unknown functionality of the component API. Performing a manipulation of the argument deTableName results in sql injection.

This vulnerability is identified as CVE-2026-33121. The attack can be initiated remotely. There is not any exploit available.

It is recommended to upgrade the affected component.

CVE-2026-33121 | DataEase up to 2.10.20 API deTableName sql injection

Post correlati

CVE-2024-55658 | siyuan-note SiYuan up to 3.1.15 Endpoint exportResources paths path traversal (GHSA-25w9-wqfq-gwqx)

CVE-2024-3286 | Lenovo Printer Web Request stack-based overflow

CVE-2025-37161 | HPE Aruba Networking 100 Cellular Bridge up to 10.7.1.1 Web-based Management Interface denial of service

CVE-2024-47574 | Fortinet FortiClientWindows up to 6.4.10/7.0.12/7.2.4/7.4.0 Named Pipe Message authentication bypass (FG-IR-24-199)