CVE Catalog

CVE-2026-11618

HighCVSS 7.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.07%

22th percentile - higher than 22% of all known CVEs

Summary

A vulnerability CVE-2026-11618 was identified in DTStack Taier up to version 1.4.0, concerning the preHandle function in the LoginInterceptor.java file. Manipulating this function may lead to improper authentication, which can be performed remotely.

Risk Assessment

The risk to the organization involves the potential for remote attacks, which could result in unauthorized access to the system.

Recommendation

It is recommended to apply the patch f95389e7f74acec42bcee079a616aaa06f9551d2 to remediate this vulnerability.

Original NVD description (English source)

A vulnerability was determined in DTStack Taier up to 1.4.0. The affected element is the function preHandle of the file taier-data-develop/src/main/java/com/dtstack/taier/develop/interceptor/LoginInterceptor.java of the component Source Connection Test Endpoint. Executing a manipulation can lead to improper authentication. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. This patch is called f95389e7f74acec42bcee079a616aaa06f9551d2. A patch should be applied to remediate this issue.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS