CVE-2026-40900 | DataEase up to 2.10.20 Endpoint previewSql sql injection (GHSA-vqxf-84ph-j3vx)

A vulnerability identified as critical has been detected in DataEase up to 2.10.20. This affects an unknown part of the file /de2api/datasetData/previewSql of the component Endpoint. Performing a manipulation results in sql injection.

This vulnerability is known as CVE-2026-40900. Remote exploitation of the attack is possible. No exploit is available.

You should upgrade the affected component.VulDB Recent EntriesRead More