SQL Injection in Dataease

CVE-2026-50030

DataEase is an open source data visualization and analysis tool. Prior to 2.10.23, DataEase SQL preview exposes DatasetDataApi.previewSql/previewSqlCheck through /de2api/datasetData/previewSql, accepts PreviewSqlDTO.sql, PreviewSqlDTO.data…

Vulnerability class: SQL Injection

Affected products

Weakness classification (CWE)

References