SQL Injection in Dataease

CVE-2026-45417

DataEase is an open source data visualization and analysis tool. Prior to 2.10.23, DataEase datasource connection status checks concatenate configuration.getSchema() into getTablesSql and execute the resulting SQL with executeQuery in io.d…

Vulnerability class: SQL Injection

Affected products

Weakness classification (CWE)

References