CVE-2026-11618

Sažetak

A vulnerability was determined in DTStack Taier up to 1.4.0. The affected element is the function preHandle of the file taier-data-develop/src/main/java/com/dtstack/taier/develop/interceptor/LoginInterceptor.java of the component Source Connection Test Endpoint. Executing a manipulation can lead to improper authentication. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. This patch is called f95389e7f74acec42bcee079a616aaa06f9551d2. A patch should be applied to remediate this issue.

Reference

https://github.com/DTStack/Taier/
https://github.com/DTStack/Taier/commit/f95389e7f74acec42bcee079a616aaa06f9551d2
https://github.com/DTStack/Taier/issues/1194
https://vuldb.com/cve/CVE-2026-11618
https://vuldb.com/submit/834008
https://vuldb.com/vuln/369299
https://vuldb.com/vuln/369299/cti
https://github.com/DTStack/Taier/issues/1194

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

09-06-2026 - 16:16

Objavljeno

09-06-2026 - 03:16