CVE-2025-10080 | running-elephant Datart up to 1.0.0-rc3 API AESUtil.java getTokensecret hard-coded key

September 7, 2025 Yanac

A vulnerability was found in running-elephant Datart up to 1.0.0-rc3. It has been classified as problematic. Affected by this issue is the function getTokensecret of the file datart/security/src/main/java/datart/security/util/AESUtil.java of the component API. The manipulation leads to use of hard-coded cryptographic key
.

This vulnerability is uniquely identified as CVE-2025-10080. The attack is possible to be carried out remotely. Moreover, an exploit is present.VulDB Recent EntriesRead More