Vulnerability in Dataease

CVE-2026-46684

DataEase is an open source data visualization and analysis tool. Prior to 2.10.23, DataEase enterprise token handling can let TokenFilter#doFilter() pass X-DE-TOKEN values to TokenUtils.validate(), which checks only token presence and leng…

Affected products

Weakness classification (CWE)

References