Back to VulnFeed / CVE-2026-11618
root@hackertop:~/vulnfeed/CVE-2026-11618#
CVE-2026-11618 MEDIUM RCE ✓ Patched◉ PoC 公开◉ Mitigation Active Lifecycle 5/7

DTStack Taier up to 1.4.0 Source Connection Test Endpoint LoginInterceptor.java preHandle improper authentication

Taier 26d ago Impact pending confirmation
LIFECYCLE
6.6 CVSS
Vulnerability Detail Mitigation Lifecycle CVSS Assessment
Vulnerability Description
A vulnerability, which was classified as critical, has been found in DTStack Taier up to 1.4.0. This issue affects the function preHandle of the file taier-data-develop/src/main/java/com/dtstack/taier/develop/interceptor/LoginInterceptor.java of the component Source Connection Test Endpoint. Applying the patch f95389e7f74acec42bcee079a616aaa06f9551d2 is able to eliminate this problem. The bugfix is ready for download at github.com.
Root Cause Analysis
Using CWE to declare the problem leads to CWE-287. When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Impact: Impacted is confidentiality, integrity, and availability.

Exploit: The exploit is available at github.com. It is declared as proof-of-concept.

Countermeasure: Applying the patch f95389e7f74acec42bcee079a616aaa06f9551d2 is able to eliminate this problem. The bugfix is ready for download at github.com.
Validation (PoC/EXP) - Looking for Contributors
No public PoC yet

Public validation traces already exist. Community contributors can extend them with richer reproduction content.

Contribute Your PoC/EXP
Log in to contribute PoC/EXP content. Log in
Back to VulnFeed
CVE-2026-11618 · CVSS 6.6 · Patched