CVE-2026-32140HIGH 8.8EPSS p47.9%

CVE-2026-32140CVE-2026-32140

Description

Dataease is an open source data visualization analysis tool. Prior to 2.10.20, By controlling the IniFile parameter, an attacker can force the JDBC driver to load an attacker-controlled configuration file. This configuration file can inject dangerous JDBC properties, leading to remote code execution. The Redshift JDBC driver execution flow reaches a method named getJdbcIniFile. The getJdbcIniFile method implements an aggressive automatic configuration file discovery mechanism. If not explicitly restricted, it searches for a file named rsjdbc.ini. In a JDBC URL context, users can explicitly specify the configuration file via URL parameters, which allows arbitrary files on the server to be loaded as JDBC configuration files. Within the Redshift JDBC driver properties, the parameter IniFile is explicitly supported and used to load an external configuration file. This vulnerability is fixed in 2.10.20.

Scoring

CVSS 3.18.8 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS0.69% probability of exploitation · percentile 47.9% · 2026-06-18T12:00:27Z
Published2026-03-12
Last modified2026-03-13

Underlying weaknesses· 1

CWE-22

References

  1. https://github.com/dataease/dataease/security/advisories/GHSA-jc9q-3jfw-mch4
  2. https://github.com/dataease/dataease/security/advisories/GHSA-jc9q-3jfw-mch4

1

TypeTargetConfidenceTier
WeaknessImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal')cwe-220%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-53004
CVE
CVE-2025-58748
CVE
CVE-2025-58046
CVE
CVE-2026-32137
CVE
CVE-2026-33207
CVE
CVE-2025-48998
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.