Vulnerability in Apache Software Foundation Iotdb

CVE-2026-24015

A vulnerability in Apache IoTDB. This issue affects Apache IoTDB: from 1.0.0 before 1.3.7, from 2.0.0 before 2.0.7. Users are recommended to upgrade to version 1.3.7 or 2.0.7, which fixes the issue.

EPSS: 0.000 (7.4th percentile) — read the EPSS interpretation.

Affected products

Apache Software Foundation Iotdb — versions 1.0.0, 2.0.0

Weakness classification (CWE)

CWE-1327

References

lists.apache.org/thread/j769ywdqm46zl3oz5lbffsldklg0ow7p (vendor-advisory)