Deserialization in Dtstack Chunjun
CVE-2026-4735
Deserialization of Untrusted Data vulnerability in DTStack chunjun (chunjun-core/src/main/java/com/dtstack/chunjun/util modules). This vulnerability is associated with program files GsonUtil.Java. This issue affects chunjun: before 1.16…
Vulnerability class: Insecure Deserialization
EPSS: 0.001 (19.0th percentile) — read the EPSS interpretation.
Affected products
- Dtstack Chunjun — versions 0
Weakness classification (CWE)
References
- cve_disclosure@tech.gov.sg (patch)