CVE-2026-23958

EUVD-2026-4206
Dataease is an open source data visualization analysis tool. Prior to version 2.10.19, DataEase uses the MD5 hash of the user’s password as the JWT signing secret. This deterministic secret derivation allows an attacker to brute-force the admin’s password by exploiting unmonitored API endpoints that verify JWT tokens. The vulnerability has been fixed in v2.10.19. No known workarounds are available.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 17%
Affected Products (NVD)
VendorProductVersion
dataeasedataease
𝑥
< 2.10.19
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/dataease/dataease/security/advisories/GHSA-5wvm-4m4q-rh7j
https://www.ox.security/blog/blog-dataease-cve-2026-23958-admin-takeover/