PT-2026-32590 · Talend · Talend Jobserver+1
Published
2026-04-14
·
Updated
2026-04-15
·
CVE-2026-6264
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Talend JobServer (affected versions not specified)
Talend Runtime versions prior to R2024-07-RT
Description
Unauthenticated remote code execution is possible via the JMX monitoring port.
Recommendations
Require TLS client authentication for the monitoring port or apply the patch for Talend JobServer.
Disable the JobServer JMX monitoring port for Talend Runtime.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Talend Jobserver
Talend Runtime