CVE-2026-8724 | Dataease 2.10.20 Data Dashboard SqlparserUtils.java SqlparserUtils.transFilter sql injection

Inserito da Angelo Barbosa | Mag 16, 2026 | CVE

A vulnerability was found in Dataease 2.10.20. It has been declared as critical. Impacted is the function SqlparserUtils.transFilter of the file SqlparserUtils.java of the component Data Dashboard. The manipulation results in sql injection.

This vulnerability is cataloged as CVE-2026-8724. The attack may be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure.

CVE-2026-8724 | Dataease 2.10.20 Data Dashboard SqlparserUtils.java SqlparserUtils.transFilter sql injection

Post correlati

CVE-2024-4892 | BuddyPress Plugin up to 12.4.1 on WordPress cross site scripting

CVE-2026-34554 | InternationalColorConsortium iccDEV 2.3.1.1/2.3.1.2/2.3.1.3/2.3.1.4/2.3.1.5 JSON Configuration IccCmmSearch.cpp costFunc out-of-bounds (ID 700)

CVE-2024-23180 | appleple A-Blog CMS up to 2.8.x/2.10.49/2.11.57/3.0.28/3.1.6 SVG File input validation

CVE-2025-10890 | Google Chrome up to 140.0.7339.185 V8 information disclosure