PT-2026-27313 · Dtstack · Chunjun

·

CVE-2026-4735

·

Published

2026-03-24

·

Updated

2026-04-30

CVSS v4.0

8.7

High

VectorAV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:P/S:N/AU:Y/R:U/V:C/RE:M/U:Amber
Name of the Vulnerable Software and Affected Versions chunjun versions prior to 1.16.1
Description An unreliable data deserialization issue exists in DTStack chunjun, specifically within the chunjun-core/src/main/java/com/dtstack/chunjun/util modules. The problem is linked to the GsonUtil.Java program files.
Recommendations Update chunjun to version 1.16.1 or later.

Exploit

Fix

Deserialization of Untrusted Data

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-4735

Affected Products

Chunjun