CVE-2026-32140

Name of the Vulnerable Software and Affected Versions Dataease versions prior to 2.10.20

Description Dataease is an open source data visualization analysis tool. Prior to version 2.10.20, controlling the IniFile parameter allows an attacker to force the JDBC driver to load an attacker-controlled configuration file. This configuration file can inject dangerous JDBC properties, leading to remote code execution. The vulnerability resides in the getJdbcIniFile method, which aggressively searches for a configuration file named rsjdbc.ini if not explicitly restricted. Within a JDBC URL context, users can specify the configuration file via URL parameters, enabling the loading of arbitrary files on the server as JDBC configuration files. The IniFile parameter within the Redshift JDBC driver properties is explicitly supported and used to load external configuration files.

Recommendations Versions prior to 2.10.20 should be updated to version 2.10.20 or later.