Auth bypass in Dataease

CVE-2026-53729

DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, any authenticated user can download (/exportCenter/download/{id}), delete (/exportCenter/delete), retry (/exportCenter/retry/{id}), or generate download lin…

Vulnerability class: IDOR (Insecure Direct Object Reference)

Affected products

Weakness classification (CWE)

References