Taosdata Tdengine
8 CVEs affecting Taosdata Tdengine. Latest disclosed: 2026-07-15. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-62349 | High | 8.3 | 2026-07-15 | TDengine is an open source, time-series database optimized for Internet of Things devices. In 3.4.1.6 and earlier, source/libs/parser/src/parUtil.c trimString(… |
CVE-2026-62351 | High | 7.5 | 2026-07-15 | TDengine is a time-series database optimized for Internet of Things devices. Prior to 3.4.1.15, source/libs/transport/src/transComm.c transDecompressMsg() read… |
CVE-2026-42542 | High | 7.5 | 2026-06-10 | TDengine is an open source, time-series database optimized for Internet of Things devices. In versions 3.4.0.0 through 3.4.1.5, an unauthenticated remote attac… |
CVE-2026-62350 | High | 7.2 | 2026-07-15 | TDengine is an open source, time-series database optimized for Internet of Things devices. Prior to 3.4.1.15, a user with create udf privilege could upload a c… |
CVE-2023-38502 | Medium | 6.5 | 2023-07-25 | TDengine is an open source, time-series database optimized for Internet of Things devices. Prior to version 3.0.7.1, TDengine DataBase crashes on UDF nested qu… |
CVE-2026-62355 | Medium | 5.4 | 2026-07-15 | TDengine is an open source, time-series database optimized for Internet of Things devices. Prior to 3.4.1.15, a Data Reader admin_user on a TDengine Cloud DB i… |
CVE-2026-62353 | Medium | 5.4 | 2026-07-15 | TDengine is a time-series database optimized for Internet of Things devices. Prior to 3.4.1.14, source/libs/parser/src/parTokenizer.c tGetToken() incremented p… |
CVE-2026-62348 | Medium | 5.4 | 2026-07-15 | TDengine is a time-series database optimized for Internet of Things devices. Prior to 3.4.1.15, TDengine Enterprise allowed an authenticated low-privilege SQL… |