CVE-2025-58748CRITICAL 9.8EPSS p50.4%

CVE-2025-58748CVE-2025-58748

Description

Dataease is an open source data analytics and visualization platform. In Dataease versions up to 2.10.12 the H2 data source implementation (H2.java) does not verify that a provided JDBC URL starts with jdbc:h2. This lack of validation allows a crafted JDBC configuration that substitutes the Amazon Redshift driver and leverages the socketFactory and socketFactoryArg parameters to invoke org.springframework.context.support.FileSystemXmlApplicationContext or ClassPathXmlApplicationContext with an attacker‑controlled remote XML resource, resulting in remote code execution. Versions up to and including 2.10.12 are affected. The issue is fixed in version 2.10.13. Updating to version 2.10.13 or later is the recommended remediation. No known workarounds exist.

Scoring

CVSS 3.19.8 (CRITICAL)
VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS0.76% probability of exploitation · percentile 50.4% · 2026-06-19T12:03:05Z
Published2025-09-15
Last modified2025-09-19

Underlying weaknesses· 1

CWE-502

References

  1. https://github.com/dataease/dataease/commit/23a45e72a7abc37d5680b0a7cf691b8df378d4ef
  2. https://github.com/dataease/dataease/security/advisories/GHSA-23qw-9qrh-9rr8

1

TypeTargetConfidenceTier
WeaknessDeserialization of Untrusted Datacwe-5020%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-58046
CVE
CVE-2025-62420
CVE
CVE-2025-57772
CVE
CVE-2025-53004
CVE
CVE-2025-58045
CVE
CVE-2025-48999
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.