Vulnerability in Talend Jobserver
CVE-2026-6264
A critical vulnerability in the Talend JobServer and Talend Runtime allows unauthenticated remote code execution via the JMX monitoring port. The attack vector is the JMX monitoring port of the Talend JobServer. The vulnerability can be mi…
EPSS: 0.001 (24.3th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Talend Jobserver — versions 8.0, 7.3
- Talend Runtime — versions 8.0, 7.3
References
Frequently asked questions
- What is CVE-2026-6264?
- CVE-2026-6264 is a critical-severity vulnerability in Talend Jobserver, classified under CWE-306 MISSING AUTHENTICATION FOR CRITICAL FUNCTION. CVSS score: 9.8/10. Published 2026-04-14.
- How severe is CVE-2026-6264?
- Critical severity. CVSS v3 base score is 9.8 out of 10.