Vulnerabilities > CVE-2025-46566 - Unspecified vulnerability in Dataease
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
DataEase is an open-source BI tool alternative to Tableau. Prior to version 2.10.9, authenticated users can complete RCE through the backend JDBC link. This issue has been patched in version 2.10.9.