CVE-2026-33728 | DataDog dd-trace-java up to 1.60.2 Environment Variable DD_INTEGRATION_RMI_ENABLED deserialization (GHSA-579q-h82j-r5v2)

A vulnerability classified as critical has been found in DataDog dd-trace-java up to 1.60.2. Affected by this vulnerability is an unknown functionality of the component Environment Variable Handler. Performing a manipulation of the argument DD_INTEGRATION_RMI_ENABLED results in deserialization.

This vulnerability was named CVE-2026-33728. The attack may be initiated remotely. There is no available exploit.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More