What is CVE-2025-53005?

CVE-2025-53005 is a vulnerability in Dataease, classified under CWE-153. Published 2025-07-01.

Is CVE-2025-53005 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Dataease

CVE-2025-53005

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, there is a bypass vulnerability in Dataease's PostgreSQL Data Source JDBC Connection Parameters. The sslfactory and sslfactoryarg param…

EPSS: 0.005 (65.9th percentile) — read the EPSS interpretation.

Affected products

Dataease — versions < 2.10.11

Weakness classification (CWE)

CWE-153

Public proof-of-concept exploits

for-A1kaid/for-A1kaid

References

https://github.com/dataease/dataease/security/advisories/GHSA-99c4-h4fq-r23v (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2025-53005?: CVE-2025-53005 is a vulnerability in Dataease, classified under CWE-153. Published 2025-07-01.
Is CVE-2025-53005 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.